Renew of trusted GoDaddy single SSL cert in Win SBS 2008 Exchnage 2007 SP3

Posted on 2013-05-21
Medium Priority
Last Modified: 2013-05-26

I have a Win SBS 2008 server with Exchange 2007 SP3. The GoDaddy single SSL cert that I use for OWA/ActiveSync is up for renewal. I bought a 3 y renewal from GoDaddy and now I need to get a CSR-request issued from my server. Have been trying to get this working using EMS and new-exchangecertificate cmdlet

EMS output error from New-Exchangecertificate cmdlet
I get an error and can't get it to work!

Question by:AfftekData
  • 5
  • 3

Expert Comment

ID: 39183710
It looks like a required value is not set.  Try adding -DomainName yourdomain.com to the command.

Expert Comment

ID: 39183711
Failing the above, run mmc and add the certificates snap in and try creating a custom request there.  Don't forget to mark the private key as exportable if required.
LVL 15

Expert Comment

by:Skyler Kincaid
ID: 39183886
Use this tool to generate the CSR command:


You will have to edit the part of the command that has the location for it to save the text file. That is what we use and it works great.
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!


Author Comment

ID: 39183895
I've tried the first solution to add -DomainName with no luck...
I used the digicert SCR command... No luck

Need more info on how to get the MMC solution to work. A more setp by step guide.

The Exchange server is updated to SP3 without any Rollup. Tried to install RU10, but got an error saying that I need at least Exchange server Administrator permission... I already got that... ? Note that this is a Win SBS 2008 (SWE GUI)


Expert Comment

ID: 39183907
Click Start, click Run, type mmc and then click OK.
In MMC, goto file add/remove snap in and find certificates and click on add and then OK.  Make sure you use computer account, not the user account.
expand Certificates - Current User, and then expand Personal.
In the right pane, right-click and point to All tasks, and then Advanced Operations and Create custom request.

You can pretty much follow the wizard from there.  Make sure you set the key size to 2048 as by default its only 1024 which most places wont accept now.  Good luck!

Author Comment

ID: 39184040
Are you sure...? Should I create a request under Current User Personal ... Not ander Local Computer - Personal - certificate? This is where I can see my current cert.

I tried it, but don't get any question about size 2048 or whwre to enter any info about domain name and so on... Is this really the right way?

Author Comment

ID: 39184055
Checked my Powershell version : 3.0... Is it compatible with SBS 2008 and Exch 2007? Could that be the problem? Can I downgrade it?

Accepted Solution

AfftekData earned 0 total points
ID: 39184239
Uninstalling Win Management Framework 3.0 KB2506146 made the trick and reverted Powershell to 2.0 and now my new-exchangecertificate cmd works again!!!

Author Closing Comment

ID: 39197427
Thanks for looking in to my issue even if we found it out ourselves!

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Disk errors can be the source of sundry problems for the Exchange server, the most common one being that the database fails to mount.
A method of moving multiple mailboxes (in bulk) to another database in an Exchange 2010/2013/2016 environment...
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
Suggested Courses

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question