NEED TO RENEW SSL CERTIFICATE but between my exchange and my provider there is confusions.

philjans used Ask the Experts™
I don't understand how the process works.
My Exchange 2016 server tells me its certificate expired today.
I exchange certificate I see "Renew" BUT on my GoDaddy provider I see "Certificate Emitted"  and the date is good up to 2021.
So why would I need in Exchange to click Renew and like do the whole process of validation when with goDaddy I can download the already prepared new certificate..
Can I just "import" it in exchange....
tx for the clarifications.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2016

download and install the certificate and in certificate manager get the signature of the certificate now in exchange shell


so I just skip no.1 "To create your certificate signing request (CSR), see" and start at no.2?


Step 6 don't match... it says "On the Certificates page, in the center pane, select your certificate request and then in the certificate request details pane to the right, under Status, click the Complete link. "   but I have "Renew"... so it doesn't work
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Exchange Engineer
Distinguished Expert 2018
See the below link to assist you with renewing your exchange cert. The cert in Godaddy may be current because you have it set to auto renew. You will still need to create the cert in Exchange and import it into Godaddy for the new cert. See the below link on the step to renewing the cert in Exchange. Exchange 2013 and 2016 are the exact same steps.

Once you create the CSR and import to Godaddy and Godaddy prepares and send you the new cert see the below step by step instructions to install the new cert into your exchange server:
Distinguished Expert 2018

If godaddy panel you already have new cert with private key, u can simply import it on exchange server and assign services
Certificate can be imported from mmc console or from exchange console as well
Hani M .S. Al-habshiContributor as IT Expert

My Exchange 2016 server tells me its certificate expired today. I exchange certificate I see "Renew" BUT on my GoDaddy provider I see "Certificate Emitted"  and the date is good up to 2021.

Please check Client Access Server setting before if it's configured correctly ...
David FavorFractional CTO
Distinguished Expert 2018

Tests you can do...

# Test any installed cert
echo QUIT | openssl s_client -servername $host -connect $host:995 | openssl x509 -noout -text | grep DNS:

# Test any cert file before installation
cat [cert|fullchain].pem | openssl x509 -noout -text | grep DNS:

Open in new window

Better to always test/know than guess.

Be sure you test your actual live cert to determine if it's still live or not.

Only trust the openssl tool... Your mileage will vary with other tools...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial