Having trouble with certificate

Server 2013 not allowing certicate to be installed
Alex saenzIT CoordinatorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tom CieslikIT EngineerCommented:
How did you get certificate ?
Did you generated request first ?
Are you trying to do via ECP or IIS oir Powershell
0
Alex saenzIT CoordinatorAuthor Commented:
From Godaddy
Yes, I did generate the request first and uploaded it to godaddy
Then downloaded the ceritficate
installed the Itermediate Certificate
Then try to complete the certificate but that is where it is failing
I'm working via ECP
for some reason is not finding the path of the certificate. I'm not quite sure why. The share is accessible.

The imported certificate file for server SERVER10 failed to access for the following reason: The network name cannot be found
0
Alex saenzIT CoordinatorAuthor Commented:
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tom CieslikIT EngineerCommented:
Do you see shares on Server10 from Exchange ?
0
Tom CieslikIT EngineerCommented:
Try to navigate to certificate path using Windows Explorer from Server 10, then copy whole path to wizard
0
Alex saenzIT CoordinatorAuthor Commented:
Yes. I'm able to access it from my windows 10 machine.2018-01-01-11_54_14-server10.png
Also getting another message that says "Pelase a valid name when you run the new-exchange certificate cmdlet on server 10 with the request parameter. The file should not exist in target folder. Parameter name: request file."
0
Alex saenzIT CoordinatorAuthor Commented:
I did. It is not working!
0
Alex saenzIT CoordinatorAuthor Commented:
This is the path to the certificate, but I keep getting an error message
0
Alex saenzIT CoordinatorAuthor Commented:
This is what I'm getting.

This is what I get every single time.
0
yo_beeDirector of Information TechnologyCommented:
Have you tried changing the file extension.  I see you are using a .crt and it is asking for a .cer file.  You can rename the file extension without any issues.  

http://www.networksolutions.com/support/what-is-the-difference-between-a-crt-and-a-cer-file/
0
Alex saenzIT CoordinatorAuthor Commented:
I did what you said, and this what I'm getting.

Still not working after changing extension on the file certificate
0
yo_beeDirector of Information TechnologyCommented:
can you re-download the crt file as a cer?
0
Alex saenzIT CoordinatorAuthor Commented:
How will I do that? Godaddy only allows me to save the files as .crt extension

2018-01-01-12_42_54-server10.alex-ho.png
0
yo_beeDirector of Information TechnologyCommented:
When you double click the cert and go to the Certification Path tab do you see the entire chain.  Is the Godaddy Root CA missing.
If so I would recommend adding the GD Root CA to your server.

Cert1.png
https://certs.godaddy.com/repository/
0
Alex saenzIT CoordinatorAuthor Commented:
I'm ok with that. See picture below.

2018-01-01-13_01_24-.png
0
Alex saenzIT CoordinatorAuthor Commented:
Now I'm getting this.

2018-01-01-13_05_51-server10---Remot.png
0
Tom CieslikIT EngineerCommented:
Try import using Administrative path

If your certificate is on C drive in Certificate folder
use as a path

\\Server10\C$\Certificate
0
yo_beeDirector of Information TechnologyCommented:
Found this. https://supertekboy.com/2015/10/23/a-certificate-with-the-thumbprint-already-exists/
What the error stated this seems to meet exactly what you are experiencing.
0
Tom CieslikIT EngineerCommented:
So if you have certificate imported, open IIS, go to your default site, click bindings and make sure this certificate is assigned to your all links (internal and external - if you have one) on port 443
0
Tom CieslikIT EngineerCommented:
Also in Certificates under ECP make sure your certificate is bind to SMTP , POP, IMAP and IIS

Capture.JPG
0
Alex saenzIT CoordinatorAuthor Commented:
Tom,

No success. Keeps getting the same error message.  See picture2018-01-01-13_13_40-server10---Remot.png
0
yo_beeDirector of Information TechnologyCommented:
@alex,

did you check my link?
0
Tom CieslikIT EngineerCommented:
Because You've imported it already,,, read my posts about IIS and ECP
0
Tom CieslikIT EngineerCommented:
IIS

Capture.JPG
Capture.JPG
Capture.JPG
0
Alex saenzIT CoordinatorAuthor Commented:
Tom,

I believe the bindings are correct.

2018-01-01-13_24_56-server10---Remot.png
0
Tom CieslikIT EngineerCommented:
After you will assign certificate to all addresses you have installed and certificate was issued for, restart IIS Admin service

Make sure in ECP / Servers / Certificates your new certificate is listed and protocols are selected
0
Tom CieslikIT EngineerCommented:
This bidings you have is only for localhost, it's not going to work from outside,,,,

You must bind your emailserver.domain.com and autodiscover.domain.com also and do not put any IP in field, so it will work for all IPs
1
Tom CieslikIT EngineerCommented:
Problem resolved.
Certificate store was damaged.
We was able to fix problem using certutil -repairstore My "thumbprint"
then we was able to create addresses in IIS and bind them to new certificate.

Site is working.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
yo_beeDirector of Information TechnologyCommented:
Nice.  Was this a private gig?
0
Tom CieslikIT EngineerCommented:
No, he doesn't have subscription so I did this for him as Pro Bono :)
0
yo_beeDirector of Information TechnologyCommented:
Nice guy.  Hope your year turns to be a good one.
1
Alex saenzIT CoordinatorAuthor Commented:
Tom was awesome. It took us about 4 hours to get this resolved. He never gave up, very professional and knowledgeable about exchange. I will definitely call upon him whenever I'm in a jam.
0
Tom CieslikIT EngineerCommented:
Thank You Alex :)
0
yo_beeDirector of Information TechnologyCommented:
Tom you should start freelancing ?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.