Solved

SSL Cert import to Exchange 2010

Posted on 2013-11-06
4
721 Views
Last Modified: 2013-11-20
Hello,

I'm having trouble importing a 123-reg wildcard cert into a exchange 2010 server running on a Windows 2012 server, it imports the cert OK but then show its status as Pending.

When I look at the cert properties it states "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store."

it also incorrectly states the valid from and until dates, which should be 5 years - it shows it to be only one year.

the CSR used to generate this cert was created from the Exchange management console - not from IIS, is this the correct method?

I have added the intermediate certificate provided by 123-reg.

Any advice would be greatly appreciated!
0
Comment
Question by:TopCat-007
  • 3
4 Comments
 
LVL 6

Expert Comment

by:iradatsiddiqui
ID: 39627335
0
 

Author Comment

by:TopCat-007
ID: 39635746
unfortunately this is the process I've followed to the letter and although it initially completed without error, the cert was stuck with a status of "this is pending certificate signing request" If I try and re-import the cert I get an error that the cert already exists.

This is a wildcard certificate but that shouldn't matter as Exch 2010 support them now.

I've checked the cert issued with http://redkestrel.co.uk/products/decoder/ and they have the correct details.

help, this is very frustrating :) many thanks
0
 

Accepted Solution

by:
TopCat-007 earned 0 total points
ID: 39650642
I found the solution, I had to open the .cer file and press install certificate from windows explorer before Exchange would allow it to be installed.
0
 

Author Closing Comment

by:TopCat-007
ID: 39661987
I found the solution myself, there was an additional step to install the ceret, I had to open the .cer file and press install certificate from windows explorer before Exchange would allow it to be installed.

I expect this is because i'm running Exchange 2010 on Windows 2012.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now