Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2010 Wildcard SSL Renewal Issue

Posted on 2014-01-16
5
Medium Priority
?
527 Views
Last Modified: 2014-01-27
Hi Experts,

Need some assistance/advice..

Our Exchange 2010 (Wildcard SSL) certificate is about to expire, our ISP has already renewed the certificate for me and they have sent me the files 1.crt and one iis.pkcs7 file. They did the renewal without the request file from my side.

1st all my info is still the same - Server Names, Domain Names and IP’s are all unchanged.

Now.. When I try to complete the renewal process on my side it completes without a problem it adds the new certificate into certificate store on the exchange server (Personal) this certificate doesn't show the padlock icon. In exchange management console the certificate is still showing Pending. When you redo the process it tells you the cert thumbprint already exists, after deleting the cert from certificate store under personal you can complete the process..

Steps Ive done, I created a new certificate request on my exchange server and asked our ISP to re-key our current cert..
As far as I know this should work but my ISP has still not responded to my request (now 4days and a couple of hours and plenty of emails and phone calls later)

So now I’m stuck in a loop here, what else can I do while I wait for my ISP?

Attached are some screenshot I think are relevant to my question..

Regards
exchange-cert-console.PNG
current-cert.PNG
cert-2-in-exchange-console.PNG
cert-console.PNG
0
Comment
Question by:Dirk Mare
  • 2
5 Comments
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1400 total points
ID: 39785093
You cannot use an existing CSR with Exchange, it needs to be a new one.
Therefore unless the ISP sent you a complete certificate (rather than just a response) what you had was useless.
The rekey is the best option, and it is down to waiting for the ISP to supply it.

Although four days is a joke - I can get certificates in less than 20 minutes. Probably time to escalate the request or take the business elsewhere.

Simon.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 600 total points
ID: 39785142
Just to add, Wildcard certs although can be used they are not recommended for Exchange. It is best to get a SAN/UCC cert for Exchange going forward, i would look into this before you renew your wildcard cert.

Will.
0
 
LVL 16

Accepted Solution

by:
Dirk Mare earned 0 total points
ID: 39785966
Managed to get the boss of the boss at ISP, 5min later and received the correct info..

Exchange and TMG server running on the new cert..

Thanks
0
 
LVL 16

Author Closing Comment

by:Dirk Mare
ID: 39811527
Changed the Grade to A.

Thanks All
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question