George Zarif
asked on
SSL Certification
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
First make sure that are not in use. I would not remove any cert till you have the new one in place and working.
ASKER
I have no idea how to check of the one in place is working
You can run:
Get-ExchangeCertificate | fl | out-file –filePath c:\certs.txt
This will create a text file in the root of C:\ drive called “certs.txt” which contains the details of every certificate install on the server.
ASKER
Okay .... Then I remove all thubprints that I see in the event logs?
ASKER
One more question ... What exactly will stop working when the thumbprints are removed?
(Could one of them be the exchange mail?)
(Could one of them be the exchange mail?)
The Exchange will continue to work but people will not be able to connect to it using OWA and when they connect using Outlook will receive a certificate error message.
ASKER
Just to understand properly the exchange server will stop working
are those certificates valid? If are valid I don't see any reason to remove them.
On my preview post that would be valid if the certificate is expired.
On my preview post that would be valid if the certificate is expired.
ASKER
The certificates are going to expire is about a month.
The only thing I would worry about are the users email access
The only thing I would worry about are the users email access
You cannot remove a certificate if is running. Here are the steps to remove a cert: http://www.techieshelp.com/how-to-remove-an-expired-exchange-2007-certificate-and-create-a-new-certificate/
http://technet.microsoft.com/en-us/library/aa997569%28v=exchg.80%29.aspx
http://technet.microsoft.com/en-us/library/aa997569%28v=exchg.80%29.aspx
If you only have one month left I would proceed with the steps I provided on my first post to request a new cert and when you have it just replace the one you have now.
ASKER
Thank you so much for your patience with me, I will try it tomorrow
No problem. Good luck.
ASKER
The first links you sent are pretty much the same as the other pairs.
This appears to be SBS and the self-signed certificate. If so you simply need to run the "fix My Network" wizard under SBS console | server management | Network |Connectivity.
When using a 3rd party certificate the following applies:
http://blog.lan-tech.ca/2012/03/03/sbs-20082011-renew-3rd-party-certificate/
When using a 3rd party certificate the following applies:
http://blog.lan-tech.ca/2012/03/03/sbs-20082011-renew-3rd-party-certificate/
The answer you selected will work for Exchange but not your other SBS services such as RWA, you will still need to apply the certificate to those.
ASKER
I was going to split the points but I chose the wrong one. No idea how to fix it
Don't worry about the points, just advising you will need to apply to the RWA site.
ASKER
Where do I purchase the certification?
there are many suppliesrs, godaddy.com and rapidssl.com are two of the most common. The link I provided explains how to request and install as well as has an add linking to a discount for the Godaddy one.
ASKER
Thank you, God bless
Very welcome.
Cheers!
Cheers!
ASKER