NEED TO RENEW SSL CERTIFICATE but between my exchange and my provider there is confusions.

philjans
philjans used Ask the Experts™
on
Hi,
I don't understand how the process works.
My Exchange 2016 server tells me its certificate expired today.
I exchange certificate I see "Renew" BUT on my GoDaddy provider I see "Certificate Emitted"  and the date is good up to 2021.
So why would I need in Exchange to click Renew and like do the whole process of validation when with goDaddy I can download the already prepared new certificate..
Can I just "import" it in exchange....
Confusing....
tx for the clarifications.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2016

Commented:
download and install the certificate and in certificate manager get the signature of the certificate now in exchange shell
https://www.digicert.com/csr-creation-ssl-installation-exchange-2016.htm

Author

Commented:
so I just skip no.1 "To create your certificate signing request (CSR), see" and start at no.2?

Author

Commented:
Step 6 don't match... it says "On the Certificates page, in the center pane, select your certificate request and then in the certificate request details pane to the right, under Status, click the Complete link. "   but I have "Renew"... so it doesn't work
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Exchange Engineer
Distinguished Expert 2018
Commented:
See the below link to assist you with renewing your exchange cert. The cert in Godaddy may be current because you have it set to auto renew. You will still need to create the cert in Exchange and import it into Godaddy for the new cert. See the below link on the step to renewing the cert in Exchange. Exchange 2013 and 2016 are the exact same steps.

https://practical365.com/exchange-server/renewing-an-ssl-certificate-for-exchange-server-2013/

Once you create the CSR and import to Godaddy and Godaddy prepares and send you the new cert see the below step by step instructions to install the new cert into your exchange server:

https://www.godaddy.com/help/exchange-server-2016-install-a-certificate-27338
MaheshArchitect
Distinguished Expert 2018

Commented:
If godaddy panel you already have new cert with private key, u can simply import it on exchange server and assign services
Certificate can be imported from mmc console or from exchange console as well
Hani M .S. Al-habshiContributor as IT Expert

Commented:
My Exchange 2016 server tells me its certificate expired today. I exchange certificate I see "Renew" BUT on my GoDaddy provider I see "Certificate Emitted"  and the date is good up to 2021.


Please check Client Access Server setting before if it's configured correctly ...

http://www.shudnow.net/2013/07/26/outlook-certificate-error-and-autodiscover-domain-com-not-working/?fbclid=IwAR1Co2MePrjqNrCik3VI5amAPlIl828d5LNueid7m95mL12qMuMkZFa_X1Y
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Tests you can do...

# Test any installed cert
echo QUIT | openssl s_client -servername $host -connect $host:995 | openssl x509 -noout -text | grep DNS:

# Test any cert file before installation
cat [cert|fullchain].pem | openssl x509 -noout -text | grep DNS:

Open in new window


Better to always test/know than guess.

Be sure you test your actual live cert to determine if it's still live or not.

Only trust the openssl tool... Your mileage will vary with other tools...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial