Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Remove assigned POP and IMAP from Exchange 2013 Certificate

Posted on 2014-10-15
3
Medium Priority
?
663 Views
Last Modified: 2015-02-10
Hello Experts,
I am new to certificate creation editing and management, and I recently added services to our exchange certificate which ended up breaking emails. A friend fixed the smpt & IIS side and was able to remove the IIS and SMTP services from the certificate, but the IMAP and POP services remain.
I tried:
Disabling the services on a Certificate without removing it,
Enable-ExchangeCertificate -Thumbprint 0000000000000000000000000000000000000 -Services 'None'
This did not work.
To fix this from my readings on the web, I think I will need to recreate the self signed certificate and move the POP and IMAP services to them?  will this work, do I have to do this when. We are running Exchange server 2013 (on Server 2012R2), with the transporter located on an SBS 2008 running Exchange 2007
0
Comment
Question by:Hec C
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 1500 total points
ID: 40383623
Following info applies to your case:
Source: http://technet.microsoft.com/en-us/library/aa997231.aspx

"The Enable-ExchangeCertificate cmdlet is additive. When you specify a subset of services for which a certificate is enabled, the services that aren't specified aren't removed from the Services property. If you don't want to use an existing enabled certificate for Exchange services, you must enable another certificate, and then remove the certificate you don't want to use."

So you would enable the certificate for services that are required from the Exchange Mgmt Shell. For example:
Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services POP,IMAP,SMTP,IIS

Then remove the certificate that was associated with the services that are not required. For example:
(most likely the same certificate as in the previous example, your thumbprint will be different)
Remove-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e

That should do it. Might need to restart IIS:
iisreset /noforce
0
 

Author Comment

by:Hec C
ID: 40602019
I deleted the certificate then recreated a self signed one, this removed all the services associated to it, which was what I was after. Thanks for your assistance.
0
 

Author Closing Comment

by:Hec C
ID: 40602025
Simply deleting then creating a new self signed certificated solved this particular issue.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question