[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

renew SSL in Exchange 2007 environment

Posted on 2015-01-23
4
Medium Priority
?
77 Views
Last Modified: 2015-02-12
Hello,
We have an Exchange 2007 environment and we’re in the process of renewing our SSL certificate. We’ve been using the certificate in OWA and Active Sync phones (mainly i-phones).  My question is, once we renew the certificate,  do we need to remove/add the account on the mobile phones, or does the certificate update in the background automatically?
0
Comment
Question by:Thor2923
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 2000 total points
ID: 40566454
Normally no.  The certificate used by exchange is not a client certificate.  It is used by the clients to validate that the https address, they are connecting to, is secured.

-saige-
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40566520
When you import the new cert it does not autocratically update itself. With Exchange you will need to specifically assign the services to the certificate you have imported. You will need to do this on all of your CAS servers in your environment.

You need to run these commands directly on the CAS server, not from a remote machine.

Get-ExchangeCertificate | fl

Enable-ExchangeCertificate -ThumbPrint xxxxxxxxxxxxxxxxxxxx -services "pop,imap,smtp,iis"

It will prompt you that this will be the default cert press Y to accept.

You can then remove the old Exchange cert once you have tested this new one.

Remove-ExchangeCertificate -ThumbPrint xxxxxxxxxxxxxxxxxxxxxxx

Will.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40566973
As long as you are using an externally trusted SSL certificate, you will not have to do anything on the clients.
It is the same as when you browse to your bank or Amazon. When they change their certificate you do not have to do anything.
That is the whole point of using a trusted commercial SSL certificate, rather than a self signed one.

Simon.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 40567920
The renewal process involves generating a fresh CSR (Certificate Signing Request) on one of your Exchange Client Access servers. This is then sent to a root certification authority (e.g. VeriSign) for processing into a valid SSL certificate (essentially they sign the request).


http://support.godaddy.com/help/article/5353/ssl-certificate-renewal-microsoft-iis-6x

OR

http://support.godaddy.com/help/article/4802/ssl-certificate-renewal-microsoft-iis-7

http://support.godaddy.com/help/article/864/renewing-your-ssl-certificate

http://support.godaddy.com/help/article/4877/installing-an-ssl-certificate-in-microsoft-exchange-server-2007
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question