scraftaus
asked on
Unable to complete creating self-signed certificate for Exchange 2010
Trying to renew / create a new Self Sign certificate on Exchange 2010 running on Windows SBS 2011 Standard.
Followed this guide to created the new certificate:
https://social.technet.microsoft.com/wiki/contents/articles/13916.how-to-use-a-self-signed-certificate-in-exchange-2010.aspx
After completing the certificate request the certificate disappears from within Exchange Management Console.
I researched this and found this guide:
https://superuser.com/questions/930902/exchange-2010-certificate-missing-after-completing-pending-certificate-signing
I ran the certutil -repairstore my "SerialNumber" command
Then attempted the Enable-ExchangeCertificate command.
But I end up with the error:
The certificate with thumbprint XXXXX was found but is not valid for use with Exchange Server (reason: PkixKpServerAuthNotFoundIn EnhancedKe yUsage)
I have not been able to find a solution when I searched for this error.
Followed this guide to created the new certificate:
https://social.technet.microsoft.com/wiki/contents/articles/13916.how-to-use-a-self-signed-certificate-in-exchange-2010.aspx
After completing the certificate request the certificate disappears from within Exchange Management Console.
I researched this and found this guide:
https://superuser.com/questions/930902/exchange-2010-certificate-missing-after-completing-pending-certificate-signing
I ran the certutil -repairstore my "SerialNumber" command
Then attempted the Enable-ExchangeCertificate
But I end up with the error:
The certificate with thumbprint XXXXX was found but is not valid for use with Exchange Server (reason: PkixKpServerAuthNotFoundIn
I have not been able to find a solution when I searched for this error.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Or get one cheap on Namecheap for 9$ and configure DNS SVR for autodiscover. :)
https://www.namecheap.com/domains/registration/gtld/com/?gclid=Cj0KCQjwvo_qBRDQARIsAE-bsH_wYdLAYe5smIdr8dnmAXRxxODk7g2gm6cbFelXmxMteCYBlACndGsaAm8zEALw_wcB
https://www.namecheap.com/domains/registration/gtld/com/?gclid=Cj0KCQjwvo_qBRDQARIsAE-bsH_wYdLAYe5smIdr8dnmAXRxxODk7g2gm6cbFelXmxMteCYBlACndGsaAm8zEALw_wcB
The PkixKpServerAuthNotFoundIn
Provide the exact command you issued to generate your cert, attached as text, not an image.