I accidentally deleted the last certificate showing in the EMC>Server> dialog box.<grin>

Ask a question

Saturday, January 21, 2012 6:54 PM

0

I need to know if I reboot the server will I still get access to the EMC if it has no certificate installed?? If that is the case or not how do I Import a new certifiacte which I was attempting to do anyway. Appreciate any help folks.
Jim
- Reply
- Quote

All Replies

Saturday, January 21, 2012 7:02 PM

Moderator

0
If you want to create a new self-signed certificate that is created by Exchange itself simply enter

New-ExchangeCertificate with no switches.

http://technet.microsoft.com/en-us/library/aa998327.aspx

If you need to import an existing cert and assign services to it:

http://technet.microsoft.com/en-us/library/dd351183.aspx

http://technet.microsoft.com/en-us/library/dd351257.aspx
- Proposed As Answer by Simon_WuMicrosoft Contingent Staff, Moderator Tuesday, January 24, 2012 7:14 AM
- Marked As Answer by Simon_WuMicrosoft Contingent Staff, Moderator Monday, January 30, 2012 3:25 AM
- Reply
- Quote
Saturday, January 21, 2012 7:20 PM

0
I am pretty sure that if you restart the Exchange services, Exchange will create a certificate on its own.

Simon.
Simon Butler, Exchange MVP
Blog | Exchange Resources | In the UK? Hire Me.
- Proposed As Answer by Simon_WuMicrosoft Contingent Staff, Moderator Tuesday, January 24, 2012 7:14 AM
- Marked As Answer by Simon_WuMicrosoft Contingent Staff, Moderator Monday, January 30, 2012 3:25 AM
- Reply
- Quote
Saturday, January 21, 2012 7:41 PM

Moderator

0

I am pretty sure that if you restart the Exchange services, Exchange will create a certificate on its own.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources | In the UK? Hire Me.

Yep, from what I have seen that is the case, though I havent tested it completely :P
- Reply
- Quote
Sunday, January 22, 2012 3:29 AM

0
Except that I start the EMC and click on Server Configuration and the Exchange certifiactes box is empty and I get the red button with white x saying Microsoft Echange popup dialog saying. The Object was not found. It was running the comman 'Get-ExchangeCertificate -Server 'SQSRV'

Does autoenrollment not enabled have anything to do with this?. I createed a new certifiacte request which I now need to know how to get it into exchange since I cant use EMC cause I cannot find where to finish the request

Jim
- Edited by jim t s Sunday, January 22, 2012 3:32 AM
- Reply
- Quote
Sunday, January 22, 2012 3:55 AM

0

Hi Jim,

You can use EMS to assign certificate. Did you tried that ?

Managing Certificates using Exchange 2010 Management Shell:

http://www.mikepfeiffer.net/2010/03/managing-certificates-using-exchange-2010-management-shell/
Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
- Reply
- Quote
Sunday, January 22, 2012 12:18 PM

0

You need to restart the Exchange services as I have said.
That should force Exchange to recreate a self signed certificate, which will give you access to everything again - basically the same thing that happens when Exchange is first installed.

You might be lucky and the previous certificate is still in the Certificates MMC applet - if it is then you can use IIS manager to bind that certificate to the Default Web Site. That should allow the Exchange management tools to work.

Simon.
Simon Butler, Exchange MVP
Blog | Exchange Resources | In the UK? Hire Me.
- Reply
- Quote
Sunday, January 22, 2012 1:40 PM

0

Hi Sembee, thank for your reply. I've actually rebooted the server twice since this problem appeared. I can still login remotely to OWA which shows the certificate correct but when I log into the server and then to EMC > Server Configuration the error shows still. The EMC is trying to Get-ExchangeCertificate but cannot find the Object. How do I bind the particular ceertificate using IIS?

Jim
Jim
- Reply
- Quote
Sunday, January 22, 2012 2:38 PM

Moderator

0

Hi Sembee, thank for your reply. I've actually rebooted the server twice since this problem appeared. I can still login remotely to OWA which shows the certificate correct but when I log into the server and then to EMC > Server Configuration the error shows still. The EMC is trying to Get-ExchangeCertificate but cannot find the Object. How do I bind the particular ceertificate using IIS?

Jim

Jim

Did you assign the cert to the IIS service per Anil's suggestion above?
- Reply
- Quote
Sunday, January 22, 2012 2:48 PM

0

can you show me step-by-step what exactly sembee was meaning? Are you meaning to click Default Web Site Right-click>bindings> click on 443 * > then select the desired certificate > then click OK?

Jim
- Reply
- Quote
Sunday, January 22, 2012 3:14 PM

Moderator

0

Can you open Exchange Powershell?

If so, then get-exchangecertificate to see the cert and thumprint of that certificate you created with new-exchangecertificate.

Then use enable-exchangecertificate to assign the services to the cert:

http://technet.microsoft.com/en-us/library/dd351257.aspx
- Reply
- Quote
Monday, January 23, 2012 6:32 AM

0

A_D

i get this error when running get-exchangecertificate

Object was not found.

+CategoryInfo :NotSpecified: (:) [Get-ExchangeCertificate], InvalidOperationException

+FullyQualifiedErrorId : 715ED1AB,Microsoft.Excchange.Management.SystemConfigurationTasks.GetExchangeCertificate

Jim
- Reply
- Quote
Monday, January 23, 2012 8:00 AM

0

Hi,
Whatif you run new-exchangecertificate as suggested by A_D_ earlier?
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 6:08 PM

0

Martina,

I can go into EMC > Server Configuration right click, create New Exchange Certificate. I then go through the import process being I can self-sign a certificate.

As soon as I complete the import in EMC it pops up the error box descibed obove.

it seems the Get-ExchangeCertificate is not able to find the certificate object.

Jim
- Reply
- Quote
Monday, January 23, 2012 6:16 PM

0

Hi Jim,
That doesn't tell us what you get when you run new-exchangecertificate in Exchange Managmenet Shell (EMS).
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 7:27 PM

0

Hi Martina here it is mt apolagies,

Object was not found.

+CategoryInfo :NotSpecified: (:) [Get-ExchangeCertificate], InvalidOperationException

+FullyQualifiedErrorId : 715ED1AB,Microsoft.Excchange.Management.SystemConfigurationTasks.GetExchangeCertificate

Its a dialog box with the red /white x button error box

Jim

Jim
- Reply
- Quote
Monday, January 23, 2012 7:36 PM

0

Hmm, did you really get that error message when you ran new-exchangecertificate in EMS??
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 7:41 PM

0

The error message did not show while running the command New-ExchangeCErtificate but shows when at the stage of Importing the certificate pfx file.

As well if using the EMS shell to run the command Get-ExchangeCertificate it displays the text I pasted to you above.

Now to clear confusion, When I use the EMC Console in the Server Configuration (highlighted) then right click on this to Import the new created certificate then at the end of this dialog import the error appears.
Jim
- Reply
- Quote
Monday, January 23, 2012 8:04 PM

0

Have you tried importing the certificate in EMS?
If not, then I would recommend you to do so. Don't forget to start EMS with elevated privileges (run as administrator)

Import-ExchangeCertificate
http://technet.microsoft.com/en-us/library/bb124424.aspx
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 8:07 PM

0

MArtina,

Yes, I have and after it seems to run a bit it then attempts to Get-ExchangeCertificate to verify the import and I get the same error but in red text.
Jim
- Reply
- Quote
Monday, January 23, 2012 8:08 PM

0

Can you post a picture of that?
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 8:22 PM

0

I get this error no matter if I am importing certifiacte or just running Get-exchangeCertificate

Jim
- Reply
- Quote
Monday, January 23, 2012 8:24 PM

0

Can you post the hole EMS windows when you run import-exchangecertificate including the titel bar?
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 8:30 PM

0

Do you mean EMC?

Jim
- Reply
- Quote
Monday, January 23, 2012 8:32 PM

0

Nopp, I'm only talking about EMS.
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 9:18 PM

0

Martina,

What I sent you is what only shows or are you needing to see that it says Administrator EMS on the title bar? I'll be out of office for a couple hours so will get back to you then. I DO appreciate your help.
Jim
- Reply
- Quote
Monday, January 23, 2012 9:23 PM

0

Yes, that was the reason I wanted to see the title bar.
I have seen so many times people having problems with running the *-exchangecertificate just because they didn't run EMS with elevated privilages.
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 9:26 PM

0

I see and agree.

I actually make a habit to right-click on my EMS or EMC menu item and select Run As Administrator. Here is the pic of the dialog from the EMC as well. If yu still need I can send the EMS full window when I get back to the office.

Jim
- Reply
- Quote
Monday, January 23, 2012 9:28 PM

0
No, you don't need to post the EMS full window :)

..but do post the commands for import-exchangecertificate.

Martina Miskovic
- Edited by Martina_MiskovicMicrosoft Community Contributor Monday, January 23, 2012 9:29 PM
- Reply
- Quote
Monday, January 23, 2012 9:32 PM

Moderator

0

Coming back into this late, so forgive me I have missed this, but can you import a certificate into the personal store of the server via the Certificate MMC rather than using the Exchange tools?
- Reply
- Quote
Monday, January 23, 2012 9:44 PM

0

Coming back into this late, so forgive me I have missed this, but can you import a certificate into the personal store of the server via the Certificate MMC rather than using the Exchange tools?

Good Idea A_D_!
Martina Miskovic
- Reply
- Quote
Monday, January 23, 2012 10:15 PM

0

Ok, well import into personal store of a test certificate has worked fine, no errors.

Jim
- Reply
- Quote
Monday, January 23, 2012 10:55 PM

Moderator

0

Ok, well import into personal store of a test certificate has worked fine, no errors.

Jim

Can the Exchange tools see it now?
- Reply
- Quote
Monday, January 23, 2012 11:11 PM

0

not yet Still same Object Not Found error.
Jim
- Reply
- Quote
Tuesday, January 24, 2012 5:57 PM

0

Hi A_D

Any further Ideas, I'm drawing blanks. Was wondering if it is possible to uninstall then reinstall the EMC tool?? Would that perhaps reestablish the ability for EMC to find the Object it is looking for. I'm not sure tho if the EMC can be uninstalled then reinstalled?

Thx much

Jim
Jim
- Reply
- Quote
Tuesday, January 24, 2012 8:19 PM

Moderator

0

If you open up IIS 7 Manager, can you see the certificate under "Server Certificates"?
- Reply
- Quote
Wednesday, January 25, 2012 5:13 PM

0

Hi A_D

Yes, I can see the certifiacte in the IIS 7 Manager. Also I know it is working since I can HTTPS to my OWA site and the Certifiacte shows fine. IN fact it is doing its job in terms of the OWA and the internal network. So actually iti si working on all aspects of its function. The ONLY issue now is that I cannot view it in the EMC. I get that Object not found error still, in fact we cannot view any certificate within the EMC Server Configuration > Exchange Certifiactes box, as soon as I highlight Server Configuation in the EMC the Object not found box pops up.

This is why I was enquiring can and would it help to uninstall then reinstall the Exchange tools. (Im not sure if this is possible).
Jim
- Reply
- Quote

I accidentally deleted the last certificate showing in the EMC>Server> dialog box.<grin>

All Replies

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support by product

Other support links

Not an IT pro?