Migrate Exchange 2010 to Exchange 2013

I would recommend requesting new certificates from your provider.  Create a new CSR and ask them to regenerate which, because it's the same address, shouldn't be a problem.

That's what I have done.

Since you are using same domain, normally most of certificates can be updated at no cost from your certificate provider. Certificate from Exchange 2010 to 2013 cannot be done. You need to request a new certificate for the new one.

You don't need new certificates.
Just export the old ones from Exchange 2010 and import them in to Exchange 2013. No need to go through a new CSR unless you are changing the host names.

Simon.

You would only need new certificates if the certificate's Alt Subject Names include server FQDNs. Then you would need to add the new server FQDNs and that requires a new certificate.

You can export the certificate (you must include the private certificate part as well) using the Certificates MMC for the Local machine and then import them onto the new servers. Remember to import the Trusted Root CA certs as well.

Wouldn't it be easier to request a new cert using the CSR?  I usually end up doing that it works fine for me.

Easier? In what way? It takes 30 seconds to export and then 30 seconds to import. You may have to import an intemediate and that would need to be done with a new certificate.

New certificate request - run through wizard, login to web page, go through cert request, go through authenticaiton, wait, then import (as per second stage of above).

Simon.

Thanks all for your answers !

Im a little newbie with certificates . So , i can just export them and its over? The FQDN of the exchange 2010 server is different from the fqdn of the 2013 server. Is this a problem ?

Hostname will remain the same , mail.domain.com .

Thanks

Although I concede with Sembee2 about the speed of the cert import & export, if you are not quite familiar with how SSL Certs work, I would recommend regenerating the cert with your provider.

I have exported & reimported certs but you need to know how the intermediate certificate works for any SSL certificate.

Yes, is the FQDN of the 2010 server included in the certificate?
The server name is used by the transport services (TLS/SSL smtp) and UM services.

Hello ,

Thanks all for your answers ,

Sembee2 ,

My migration plan for the data is big bang ;) I have about 50GB of data. It's not much so i will move the mailboxes all together at once.
I don't need to keep access to OWA , activesync and outlook anywhere. I will do the migration at low traffic hours so it's not a problem with that.

So , do you thing that best is to re-issue the certificates?

Thanks

If you are doing a big bang, then I don't see the point in reissuing the SSL certificate. Kick everyone out, move the DNS/firewall entries and then move the content.
A certificate reissue just complicates matters. If you get the certificate rekeyed then you have a 24 hour window before the old certificate stops working, you just don't need that headache as well.

Simon.

Thanks simon,

I did exactly what you said yesterday and it works great.The migration finish successfully and mail flow now working from exchange 2013.   My only issue know is how to decommission the old Exchange 2010. I have unmounted and delete the old database. I just now uninstall the old exchange ? Do i have to also delete the public folder database ?

Thanks

I would delete the old public folder database before you start to remove Exchange 2010. If there is something that stops it from being dropped it will tell you.
Likewise, removing Exchange correctly using add/remove programs will tell you if there is something wrong or not.

Simon.

Hello ,

I follow a guide to remove the public folder database and now im stuck in a way that i cant delete it . Database is dismounted , i have delete all files and logs , trying to mount the database so that will generate a new one and then delete it but i get an error

--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
Failed to mount database 'Public Folder Database 1291603032'.

Public Folder Database 1291603032
Failed
Error:
Couldn't mount the database that you specified. Specified database: Public Folder Database 1291603032; Error code: An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: An error occurred while preparing to mount database 'Public Folder Database 1291603032'. Error: An I/O error occurred while attempting to enumerate log files. Error 0x3 (The system cannot find the path specified) from Windows API 'FindFirstFile'. [Database: Public Folder Database 1291603032, Server: EXCHANGE.interworks.eu].

An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: An error occurred while preparing to mount database 'Public Folder Database 1291603032'. Error: An I/O error occurred while attempting to enumerate log files. Error 0x3 (The system cannot find the path specified) from Windows API 'FindFirstFile'. [Database: Public Folder Database 1291603032, Server: xxxxxxxxxxxxxxxxxx]

An Active Manager operation failed with a transient error. Please retry the operation. Error: An error occurred while preparing to mount database 'Public Folder Database 1291603032'. Error: An I/O error occurred while attempting to enumerate log files. Error 0x3 (The system cannot find the path specified) from Windows API 'FindFirstFile'. [Server: xxxxxxxxxxxxxxxxxxxx]

An error occurred while preparing to mount database 'Public Folder Database 1291603032'. Error: An I/O error occurred while attempting to enumerate log files. Error 0x3 (The system cannot find the path specified) from Windows API 'FindFirstFile'.

An I/O error occurred while attempting to enumerate log files. Error 0x3 (The system cannot find the path specified) from Windows API 'FindFirstFile'.

Any way so i can force delete it ?

Thanks

The problem was deleting the files.
Were you unable to delete it before removing the files? Resolving that issue would probably have been best.
The only option available to you now is to remove the database using adsiedit.

http://exchangeserverpro.com/exchange-2010-remove-public-folder-database/

For anyone else reading this question - ADSIEDIT method should only be used when all other options are exhausted. Do not use it as a shortcut instead of replicating content off and doing it properly!

Simon.

Hello simon ,

I have managed to delete it with the guide you send me and then i uninstall the old exchange installation ! Thanks a lot !

And now my last problem ;)

From outside everything is working perfect , autodiscovery , owa , ecp .

From inside again everything works perfect except when i open outlook i take a security alert that says that the name of the security certificate is invalid or does not match the name of the site. If i press yes to procceed everything works great and i have connectivity .

Any ideas ? The certificate in the subject alternative name don't have the internal hostname of the server. Do you thing that i must add it ?

Thanks

Have you changed all references in Exchange to match?
I presume you have a split DNS in place so that the external name resolves internally?

I don't have a version for Exchange 2013 yet, but this is the Exchange 2010 version of my article on what to change:
http://semb.ee/hostnames

They are the same names etc, just in different places.

Simon.

I will go by your guide and i'll let you know

Thanks again

Hello ,

Simon i follow your guide and it works perfect !! Thanks a lot for all your help , the migration to Exchange 2013 finish successfully .