exchange 2010 - SHA2 - SSL installation on SBS 2011


I've a problem applying a new SHA2 Cert (from 123-Reg) to Exchange 2010

I created the request via the Certificate MMC as a custom request because this SBS 2011 server is SHA1 by default.   Right clicked the Certs and installed both the Intermediate and the actual cert for the host

When I looked in the EMC I didn't have the option to complete the Cert request, so I looked in IIS, the option was there and it completed as expected.

When I opened EMC to assign the Cert to the services SMTP etc, the Certificate page didn't load and generated error object get exchange certificates not found.  upon running Get-ExchangeCertificate from powershell the same error is displayed.

I could assign the new cert to the default web site via ISS, which took care of OWA etc but still not the SMTP services etc

I found that if I remove the new cert from IIS - the EMC worked again and the old certs are shown as normal..

hope that's enough info, any help or ideas would be appreciated?  

Thanks TC
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shreedhar EtteCommented:
Try to Import the Certificate using Exchange Management Console.
Jeff GloverSr. Systems AdministratorCommented:
When you made the csr using the Certificates snap-in, Were you in User or Computer context? I have to agree with Shreedhar here. Export the certificate with key using the Certificates Snap-in and import it using the EMC. That way, you know it will be in the correct location.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TopCat-007Author Commented:
Jeff that's a very good point - I think you've hit the nail on the head!  i'll check and just re-issue the cert, ensuring i'm in Computer

thank you both !
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.