jyoung127
asked on
Import Cert issue
When trying to renew cert for Exchange 2013, After importing the new cert it says at "Pending request " status. IF I go into the MMC and check the certs. it shows up there but not assign to friendly name. I have tried this multiple times.
I feel like I am missing something silly.
I feel like I am missing something silly.
Can you goto to cert properties and check if friendly name is given or not.
ASKER
Nope if I go to mmc/ add the certificates and look at the new imported cert. it shows everything but friendly name = <none>
Ensure that the imported certificate is including the private key.
Some simple was to test it:
Option 1: On the MMC console, notice if the certificate icon shows a Key.
Option 2: Right click the certificate, select the option export, and check if the process asks you to include the private key (If that option is not available the certificate does not have the private key included or at least it was not set as exportable).
If it was the case you will need to complete the process again (Because Exchange will not recognize the certificate as valid, and it will be in pending state, until the certificate includes the private key).
Some simple was to test it:
Option 1: On the MMC console, notice if the certificate icon shows a Key.
Option 2: Right click the certificate, select the option export, and check if the process asks you to include the private key (If that option is not available the certificate does not have the private key included or at least it was not set as exportable).
If it was the case you will need to complete the process again (Because Exchange will not recognize the certificate as valid, and it will be in pending state, until the certificate includes the private key).
ASKER
There is no Key next to the Cert in mmc. I followed the import process for this
I imported the Intermediate cert
and followed the wizard in Admin console for Exchange. Not sure what else to try.
I imported the Intermediate cert
and followed the wizard in Admin console for Exchange. Not sure what else to try.
Ok, how did you make the certificate request process?
- Using the Exchange Administrative Center (web administrative console), or....
- Using Exchange Management Shell, or...
- Other method (i.e. MMC console, certutil command, other).
Are you using a public CA?
- Using the Exchange Administrative Center (web administrative console), or....
- Using Exchange Management Shell, or...
- Other method (i.e. MMC console, certutil command, other).
Are you using a public CA?
ASKER
Used Exchange Administrative Center,
I followed : https://www.godaddy.com/help/exchange-server-2013-install-a-certificate-4774
I followed : https://www.godaddy.com/help/exchange-server-2013-install-a-certificate-4774
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Do yo have a link on how to use The EMS ? I have already tried with EAC multiple times and it does not work.
ASKER
Update I got busy working on some other issues. I will look at this in more detail tomorrow and report back.
jyoung127, will you give an update of your progress?
ASKER
Sorry for the delay , I will look at this today and let you know. I have never done it using command before might take me a bit to figure out. Any good tips?
It will be ok just following the reference links from Todd of the command line or the process involving the GUI (However, at the end the GUI is just an interface to generate the commands that make the task). But with the commands many more settings and details can be customized.
ASKER
So I am just renewing the current SSL what command would I need. I only see if I am doing a new.
When following this link : https://oddytee.wordpress.com/2014/09/09/exchange-2013-certificate-commands/
If I do it through the GUI It will not go from pending.
I am not sure if it matters but this was auto renew by Godaddy.
When following this link : https://oddytee.wordpress.com/2014/09/09/exchange-2013-certificate-commands/
If I do it through the GUI It will not go from pending.
I am not sure if it matters but this was auto renew by Godaddy.
ASKER
I feel like such a rookie today. I figure out I was not rekeying the Cert in GOdaddy site.
Thanks for the help.
Thanks for the help.