• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 599
  • Last Modified:

SSL CERTIFIACTE, EXCHANGE

we get everyday morning report of ssl certificate expiration from our internal CA.

there si one cert company name CA-xchange which auto renews itself and keeps popping up in the list

cert type: CA EXCHANGE , I don't see anywhere on exchange or on cert authority

where can I find it
0
pramod1
Asked:
pramod1
  • 6
  • 6
1 Solution
 
Jakob DigranesSenior ConsultantCommented:
The CA Exchange certificate is used for securing exchange of private keys - used in Key Archival. Key Archival is "backing up" certificates - mostly for user certs. An administrator can retrieve the private key for decrypting files - if the user certificate is lost or not accessible. Requires special roles and certs for Key Archival users.

more here: https://technet.microsoft.com/en-us/library/cc730826(v=ws.10).aspx
0
 
pramod1Author Commented:
but where should I see it in cert authority?
0
 
Jakob DigranesSenior ConsultantCommented:
would be listed in ISSUED CERTIFICATES in Cert Authority, or MMC-Certificates - Local Computer - Personal
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
pramod1Author Commented:
I don't see in issued certificates, which local computer you are referring to ?

is it the cert authority server itself
0
 
Jakob DigranesSenior ConsultantCommented:
yes-- only the CA server will have this certificate. Sorry for not specifying :)
0
 
pramod1Author Commented:
my alst question before i close- so in lay man terms  the cert is used for securing private keys only for exchange?
0
 
pramod1Author Commented:
even I upgrade my cert server it will be there
0
 
Jakob DigranesSenior ConsultantCommented:
yes --- they will be there
0
 
Jakob DigranesSenior ConsultantCommented:
yes - only for securing the exchange of private keys - nothing to do with the mail system Microsofr Exchange :)
0
 
pramod1Author Commented:
also if I upgrade the cert server
0
 
Jakob DigranesSenior ConsultantCommented:
yes
0
 
pramod1Author Commented:
thanks for all info.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows PowershellĀ® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now