Hi all. I've got a complicated situation in which I am trying to cut some costs (and thus implement what some would say is a slightly bad practice). This issue has multiple parts.
I recently did an Exchange 2010 -> 2013 migration. During that migration, I tried to download the GoDaddy UCC and import it into the Exchange 2013 ECP. Each time I tried to import it, the process would finish but it would not show up in the list of available certificates.
Diving into MMC, I could see that the recently imported cert was there, but since Exchange couldn't see it - that was useless to me. I worked around my issue by exporting the EX2010 certificate and importing that into Exchange 2013 (knowing that at some point in the near future I would have to do a new CSR and upload that to GoDaddy etc.). I saved myself the step at the time.
I've got two external web hosts that do white label service (XXXX.domain.com -> a web portal at an external host). The first one, I just emailed the chain and GoDaddy key and they set up the SSL cert. All is working fine.
This second party is giving me issues. I sent them the same data (.crt and the chain cert .p7b). They came back asking me to put it in pfx format (which I did for them using a tool from GitHub). During their import on IIS 8.5, it's claiming that the certificate does not include the private key. Well, no kidding, right?
So my question is: How do I work with them on this? I consider it truly a bad idea to export my private key from the Ex2013 server (assuming that I have done what I spoke about re: CSR and new cert download from GoDaddy) and send it to someone else. Kinda defeats the point of the cert / trust, yes? Further, how was the other party able to complete it when this fellow is having issues? Is there some advice I can lend them, or do I need to do something more?
If I'm indeed having a senior/blond moment, feel free to make fun of me endlessly. It's 5pm local time, I've been going since 5am.