davorin
asked on
certificate for exchange 2010
Hi,
we have created a certificate request for exchange 2010 server and I have started certificate issuing procedure on Godaddy.
The server is authoritative for 5 different domains and for all 5 domains there is an autodiscover SAN record.
At verification they have noticed, that one of the domains currently is not registered anymore, so it cannot be listed on the certificate. I wanted to recreate the request on the exchange server without autodiscover record for that domain and start the procedure again. But at Godaddy they insured me, that it is enough if I simply remove SAN name from the request at their console (What I also did).
Will I have problems to complete pending certificate request at Exchange server with so modified certificate?
Is it possible to import and use certificate on exchange server without creating the request first? (Let say in case a customer already has a wildcard certificate).
Thank you very much!
we have created a certificate request for exchange 2010 server and I have started certificate issuing procedure on Godaddy.
The server is authoritative for 5 different domains and for all 5 domains there is an autodiscover SAN record.
At verification they have noticed, that one of the domains currently is not registered anymore, so it cannot be listed on the certificate. I wanted to recreate the request on the exchange server without autodiscover record for that domain and start the procedure again. But at Godaddy they insured me, that it is enough if I simply remove SAN name from the request at their console (What I also did).
Will I have problems to complete pending certificate request at Exchange server with so modified certificate?
Is it possible to import and use certificate on exchange server without creating the request first? (Let say in case a customer already has a wildcard certificate).
Thank you very much!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
New certificate was accepted by Exchange server with no problem and I have assigned to it IMAP, POP, IIS and SMTP services.
I have removed old expired certificate, but there are listed another three self signed certificates:
- (no name) assigned to IMAP, POP, SMTP
- Microsoft Exchange assigned to SMTP
- SCVMM_CERTIFICATE_KEY_CONT AINERserve r.domain.l ocal not assigned to any service ????? (Outlook installed on Exchange server is crying that this cert. is not trusted)
Can all these self signed certificates be safely removed?
What is doing system center virtual machine manager cert on exchange server?
It is first time I see this server. It looks that on this server is installed hyper-v with two vitrual machines and for sure this server needs a little cleanup. I will remove the domain, if they don't intend to register it again.
If I understand correctly, with rekeying you can also change SAN entries?
Is it possible to import and use certificate on exchange server without creating the request first? (Let say in case a customer already has a wildcard certificate).
Sorry for bothering you with additional questions.
I have removed old expired certificate, but there are listed another three self signed certificates:
- (no name) assigned to IMAP, POP, SMTP
- Microsoft Exchange assigned to SMTP
- SCVMM_CERTIFICATE_KEY_CONT
Can all these self signed certificates be safely removed?
What is doing system center virtual machine manager cert on exchange server?
It is first time I see this server. It looks that on this server is installed hyper-v with two vitrual machines and for sure this server needs a little cleanup. I will remove the domain, if they don't intend to register it again.
If I understand correctly, with rekeying you can also change SAN entries?
Is it possible to import and use certificate on exchange server without creating the request first? (Let say in case a customer already has a wildcard certificate).
Sorry for bothering you with additional questions.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much, Simon.
As always, your answers are very helpful.
As always, your answers are very helpful.
If you want to recreate the certificate please use this to generate CSR easily
http://gallery.technet.microsoft.com/Exchange-20072010-and-2013-17a0b52f