Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SSL Certificate Renewal with Exchange 2010

Posted on 2016-11-03
9
Medium Priority
?
87 Views
Last Modified: 2016-11-28
I understand that I must request a new certificate (CSR) through my Exchange server - is there a way that I can be certain that I am requesting the exact same settings/requirements that is on the current certificate?

My concern in on the Config request - its asking about Sharing, OWA, ActiveSync, Client Access Server, POP/IMAP, and Hun Transport

I have one exchange box and on my EMC I see Imap, POP, IIS, SMTP - but nothing about Hub transport and others

I dont want to mess up something that is working fine now, The previous admin had gotten a 5 year SSL and this is my first time renewing...
0
Comment
Question by:Travis Hahn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 41872474
As long as the new cert has the same 'common name' and 'subject alternative names' (both of which you can see, if you view the certificate) then you can import a new one and assign the services to it.

Exchange 2010 – Working with Certificates

Pete
0
 

Author Comment

by:Travis Hahn
ID: 41872522
I want to make sure I am choosing the same services as before.

My concern is with Hub Transport
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 41872536
You can only assign SMTP,IMAP,IIS,UC,POP those are SERVICES, hub transport is a ROLE.

As long as your new cert is applied to IIS, SMTP, IMAP and POP it will be OK - unless its a wildcard then POP and IMAP will complain.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Travis Hahn
ID: 41872571
Certificate
This is where I have the question then - is there a way to tell if I used this in the past
certificate.png
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1000 total points
ID: 41873053
Ignore the services selection in the wizard - it has no impact on the SSL certificate.
It is simply there to help you choose the right things.
Go to the end of the wizard and it will show you the summary of the names. There you can just add and remove the names as required (the wizard always puts the root domain in as the common name for example, which is often not what people want).
0
 
LVL 2

Assisted Solution

by:OnlineSupport
OnlineSupport earned 500 total points
ID: 41873124
If you want to see which services are applied what SSL, you can see this in GUI of Exchange. As advised already you can always assign services after anyway. As far as the names, you can find that by viewing the current SSL, generally common name is OWA addess, ALT name autodiscover.
0
 

Author Comment

by:Travis Hahn
ID: 41873186
Thanks - I think I was able to generate the CSR and now waiting for approval from GODADDY

Last Question is it safe to remove the expired or invalid certificates?
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 500 total points
ID: 41873493
Expired or not if they have services attached to them, I'd wait for the new one. Some services require TLS, and while it might throw errors into the event log, this will still 'work'

Wait until you have imported the new cert, and allocated services to it, before junking the expired one.

P
0
 

Author Closing Comment

by:Travis Hahn
ID: 41904559
Thanks for all the help
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question