exchange 2010 - SHA2 - SSL installation on SBS 2011

TopCat-007
TopCat-007 used Ask the Experts™
on
hi,

I've a problem applying a new SHA2 Cert (from 123-Reg) to Exchange 2010

I created the request via the Certificate MMC as a custom request because this SBS 2011 server is SHA1 by default.   Right clicked the Certs and installed both the Intermediate and the actual cert for the host mail.zyx.com.

When I looked in the EMC I didn't have the option to complete the Cert request, so I looked in IIS, the option was there and it completed as expected.

When I opened EMC to assign the Cert to the services SMTP etc, the Certificate page didn't load and generated error object get exchange certificates not found.  upon running Get-ExchangeCertificate from powershell the same error is displayed.

I could assign the new cert to the default web site via ISS, which took care of OWA etc but still not the SMTP services etc

I found that if I remove the new cert from IIS - the EMC worked again and the old certs are shown as normal..

hope that's enough info, any help or ideas would be appreciated?  

Thanks TC
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Shreedhar EtteTechnical Manager
Top Expert 2010
Commented:
Try to Import the Certificate using Exchange Management Console.
Sr. Systems Administrator
Commented:
When you made the csr using the Certificates snap-in, Were you in User or Computer context? I have to agree with Shreedhar here. Export the certificate with key using the Certificates Snap-in and import it using the EMC. That way, you know it will be in the correct location.
Jeff that's a very good point - I think you've hit the nail on the head!  i'll check and just re-issue the cert, ensuring i'm in Computer

thank you both !

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial