renew / update exchange server 2010 SSL cert

Greetings,

My exchange 2010 SSL cert is expiring. I renewed it with go daddy. I downloaded the files and have them on the server. Since it is the same server that generated the original CSR, I did not create and submit a new one.

I found directions for renewing / updating by creating a new CSR but I need to know how to update the current cert with the new ones. My confusion is that I am supposed to click a link in EMC that says complete request, yet I don't have that since I didn't initiate a renew through the server.

Thanks for the help
LVL 7
king daddyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Usually with windows you have to go through the process of generating a new request which is then used as you articulated have the option when the signed certificate is returned, you would complete the transaction.
One option you can try is using the certificate management console accessing the same repository where the current certificate lies and then import the renewed certificate. At this point the hope is that the certificate will be reflected as having the private key (from the prior certificate issue).

The other option is to export the current certificate along with the private key (Pfx) files, the. Using OpenSSL to convert the Pfx file into a dear format which will be in the same format as your newly renews certificate.
The private portion of the pair is than combined with the newly issued certificate. And the the two are converted back to a Pfx format which you would then import.
In the future, with windows based system, one is best to generate the request and have it signed by the issuer.


I am uncertain whether the current certificate is part of the certificate store of the service or the entire computer.

Once you complete either, your certificate listing should have an option to replace the existing certificate with and at that point you should have both/all prior certificates listed there, See if the expiration date of the certificate is part of the display.  You can choose it.  Using this same method, you can revert the certificate assignment if issues arise,
Which should not as long as the certificate when viewed reflects that a private key exists.
arnoldCommented:
Amit, that is the normal process. Which the asker did not follow while having the new certificate issued already.


Rpliner, And it is a viable possibility I think goddady provides to handle such a situation where you can generate a CSR and have them issue the certificate based on that within the first seven days of issuance. Check if that is a viable option..

Though I believe the route I outlined earlier can be worked at.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

AmitIT ArchitectCommented:
Sorry, I am in deep sleep, let me check it Tomm...
king daddyAuthor Commented:
thanks guys.

Arnold, I will contact go daddy. at this point it may be easier to just generate a new CSR and get a new cert.
king daddyAuthor Commented:
sorry for just getting back to this. I called go daddy and they suggested I re-key the cert.

thanks for the replies.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.