?
Solved

Certificate Principle Mismatch on Exchange 2003

Posted on 2013-01-17
3
Medium Priority
?
394 Views
Last Modified: 2013-01-21
I ran the Exchange 2003 best practices Analyzer and it told me that my SSL certificate is mismatched. How do I go about fixing this. I just renewed my SSL certificate with GoDaddy so I am to assume all I need to do is generate a new certificate for the OWA website. The certificate that was generated was for mail.domainname.com yet when I look in Exhcange it shows domainname.com. Doesn't the certificate need to match the mail.domainname.com for OWA or does it need to match the domainname.com that is listed in Exchange?

My next question is how do I get the CSR to generate the certificate to be applied to the Exchange server?
0
Comment
Question by:tparus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38789564
Ignore that error.
For some reason the BPA checks the root of your domain for an SSL certificate and throws an error if there is an issue. The root of the domain probably points elsewhere (like your public web site) so has no effect on the operation of the Exchange server.

Simon.
0
 

Author Comment

by:tparus
ID: 38789827
Well that is good to know. Now how do you get the CSR so I can get my new certificate installed on the server?

Thanks for all your help.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 38789866
As this is Exchange 2003 you will need to use the wizard in IIS Manager. If you have a current certificate that you want to use in the meantime (As it hasn't expired) then you will need to create a dummy web site as a place holder, because you have to remove the existing SSL certificate before you can create a new request. Once the request has been completed and the certificate installed, you can switch the certificates in IIS manager and then delete the dummy web site.

Full instructions are here: http://support.godaddy.com/help/article/5277/generating-a-certificate-signing-request-csr-iis-5-and-6

Simon.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question