Cannot import UCC certificate into Exchange 2013 - co-existing SBS 2011

I have built a new virtual server which is running Windows Server 2012 R2 with Exchange 2013 CU7. It Co-Exists on a domain on which I have an SBS 2011 server running. The plan is to migrate exchange.

I have purchased a UCC certificate from GoDaddy and I am trying to import it into Exchange.

The problem that I am having is that weird things are happening on the Exchange 2013 server. The CSR seems to disappear randomly from the ECP so therefore I cannot complete the requests. I did manage to do a Re-key on the certificate and try to complete the request once but Exchange told me the thumbprints did not match.

I have been trying to import the certificate through powershell, which seems to work, but after listing the certificates in powershell it is not there.

Not sure if this is a common problem but I have never seen this before.

If anyone can shed any light on this it will be very much appreciated.


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
I would just generate the CSR from IIS.

Once you get your certificate back complete the certificate request.

Then do the following...
- Open Powershell (directly on the CAS sever)
- Type: Get-ExchangeCertificate | ft
- You will then see all of the Exchange certs in the powershell window
- Then Type: Enable-ExchangeCertificate -Thumbprint <xxxxxxxxxxxxxx> -Services "pop,imap,smtp,iis"
- Press Enter, it will prompt to confirm, Press Y

Check in the EAC that your certificate is now enabled and set.

You can then check your OWA/EAC etc and check that the new cert is associated with it.

You can then remove the old one (if one exists)
Remove-ExchangeCertificate -Thmubprint <xxxxxxxxxxxxxxxx>


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.