Solved

SSL Certificate renewal not working on Exchange 2003

Posted on 2014-01-10
6
749 Views
Last Modified: 2014-01-10
Hi Experts!

We've got a customer with an SSL certificate that expired and we tried to renew it.  Everything works with the CSR request, but when we get the certificate back via email from our SSL provider, it won't import the certificate.  Currently, I've manually imported the certificate (using the certificates add-in in MMC) and have attached the proper certificate (meaning it has the new expiration date) to the Default Website (the one that contains /exchange).  However, it's not working.  Anyone have some ideas I can try?  I've disabled the "default" Rapid SSL certificate and imported the certificate authority that they sent.  We're stuck and the customer can't get email via smart phones or web.

Thanks!
0
Comment
Question by:tganus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 

Author Comment

by:tganus
ID: 39770933
I've even tried deleting the certificate and going through the entire process (by creating a new certificate request in directory security).  But it refuses to import the .cer file I create and talks about private keys (sorry I don't have the exact error message)...
0
 

Author Comment

by:tganus
ID: 39770969
Here's the exact error message when I try to import the .cer file:

The pending certificate request for this response file was not found.  This request may be canceled.  You cannot install selected response certificate using this Wizard.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39771182
I would go back to the SSL provider and ask if you can get the SSL certificate reissued from a new CSR. Then generate a new CSR in IIS manager and send it to them.

It isn't unusual for CSRs to get corrupt at either stage - I remember once having to do it five times because the firewall was corrupting it!

Simon.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:tganus
ID: 39771431
I got a new SSL certificate (a wildcard this time) from our provider and went through the entire process and it worked.  But, I can't access my website.  It's not giving me any errors or anything, even local https://servername doesn't work.  I'm lost.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39771918
Check in IIS manager that you have the correct bindings. You should have two - 80 and 443.

Simon.
0
 

Author Comment

by:tganus
ID: 39771975
Simon,

Thanks for the help.  Ended up doing the new certificate and it worked, but I had followed some instructions elsewhere on EE about doing the certificate renewal with a temporary website.  IIS had started the temp website instead of "Default Website".  Once I deleted the temporary one, all is well.  Still would have liked to figure out the corruption of the old one, but completely new SSL certificate wins.  Thanks!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question