Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Remove assigned POP and IMAP from Exchange 2013 Certificate

Posted on 2014-10-15
3
571 Views
Last Modified: 2015-02-10
Hello Experts,
I am new to certificate creation editing and management, and I recently added services to our exchange certificate which ended up breaking emails. A friend fixed the smpt & IIS side and was able to remove the IIS and SMTP services from the certificate, but the IMAP and POP services remain.
I tried:
Disabling the services on a Certificate without removing it,
Enable-ExchangeCertificate -Thumbprint 0000000000000000000000000000000000000 -Services 'None'
This did not work.
To fix this from my readings on the web, I think I will need to recreate the self signed certificate and move the POP and IMAP services to them?  will this work, do I have to do this when. We are running Exchange server 2013 (on Server 2012R2), with the transporter located on an SBS 2008 running Exchange 2007
0
Comment
Question by:Hec C
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 500 total points
ID: 40383623
Following info applies to your case:
Source: http://technet.microsoft.com/en-us/library/aa997231.aspx

"The Enable-ExchangeCertificate cmdlet is additive. When you specify a subset of services for which a certificate is enabled, the services that aren't specified aren't removed from the Services property. If you don't want to use an existing enabled certificate for Exchange services, you must enable another certificate, and then remove the certificate you don't want to use."

So you would enable the certificate for services that are required from the Exchange Mgmt Shell. For example:
Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services POP,IMAP,SMTP,IIS

Then remove the certificate that was associated with the services that are not required. For example:
(most likely the same certificate as in the previous example, your thumbprint will be different)
Remove-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e

That should do it. Might need to restart IIS:
iisreset /noforce
0
 

Author Comment

by:Hec C
ID: 40602019
I deleted the certificate then recreated a self signed one, this removed all the services associated to it, which was what I was after. Thanks for your assistance.
0
 

Author Closing Comment

by:Hec C
ID: 40602025
Simply deleting then creating a new self signed certificated solved this particular issue.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question