none
Event ID 24 MSExchange Web Services RRS feed

  • Question

  • Hi I have a basic question regarding certificates. Certificate is expired in november 2011, and I replace that cert with new one in SBS 2011 via SBS console. Now I am getting the error that exchange still use old certificate from 2011. Shall I performe once again add certificate or shall I add different certificate directly via set-exchangecertificate thumb ?? Can I delete old cert ? How to delete it (from certificates MMC or remove-exchangecertificate) ?

    I know that these are basic question but since I am junior admin I would appreciate any help.

    Thanks.

    Tuesday, February 7, 2012 10:52 AM

Answers

  • Hi,

    I agree with Vibha. “Add a Trusted Certificate Wizard” will meet your target. At the same time, I would like to share a link for your reference:

    Title: Request and install a trusted certificate
    URL: http://technet.microsoft.com/en-us/library/cc546059.aspx

    If you would like to use the command in the EMS, it could be done too. At first, you need to verify which certificate you would like to remove.

    1.  You will the old certificate thumbprint.

    Get-ExchangeCertificate |FL

    2.  You need to remove the old Exchange certificate. Note: If you would like to keep the old one, you could use the MMC to export the old Exchange certificate to the local.

    Remove-ExchangeCertificate -Thumbprint <The Old Certificate’s Thumbprint>

    3.  You need to import the certificate

    Import-ExchangeCertificate -Path <The path of the Certificate> -Password <The certificate password>

    4.  Assign the services to the new imported certificate. Note: you need to run Get-ExchangeCertificate to get the new imported certificate’s thumbprint first.

    Enable-ExchangeCertificate -Services “IMAP, POP, SMTP, IIS” -Thumbprint <The new imported Certificate Thumbprint>

    5.  View the new imported Certificate properties

    Get-ExchangeCertificate -Thumbprint <The new imported certificate Thumbprint> |FL

    Regards,
    James


    James Xiong

    TechNet Community Support

    Wednesday, February 8, 2012 5:56 AM
    Moderator
  • Remove-ExchangeCertificate -Thumbprint <expired certificate's thumbprint>
    Wednesday, February 8, 2012 6:36 PM

All replies

  • We provide "Add a trusted certificate Wizard" for this exact same purpose :)
    Tuesday, February 7, 2012 1:08 PM
  • Hi,

    I agree with Vibha. “Add a Trusted Certificate Wizard” will meet your target. At the same time, I would like to share a link for your reference:

    Title: Request and install a trusted certificate
    URL: http://technet.microsoft.com/en-us/library/cc546059.aspx

    If you would like to use the command in the EMS, it could be done too. At first, you need to verify which certificate you would like to remove.

    1.  You will the old certificate thumbprint.

    Get-ExchangeCertificate |FL

    2.  You need to remove the old Exchange certificate. Note: If you would like to keep the old one, you could use the MMC to export the old Exchange certificate to the local.

    Remove-ExchangeCertificate -Thumbprint <The Old Certificate’s Thumbprint>

    3.  You need to import the certificate

    Import-ExchangeCertificate -Path <The path of the Certificate> -Password <The certificate password>

    4.  Assign the services to the new imported certificate. Note: you need to run Get-ExchangeCertificate to get the new imported certificate’s thumbprint first.

    Enable-ExchangeCertificate -Services “IMAP, POP, SMTP, IIS” -Thumbprint <The new imported Certificate Thumbprint>

    5.  View the new imported Certificate properties

    Get-ExchangeCertificate -Thumbprint <The new imported certificate Thumbprint> |FL

    Regards,
    James


    James Xiong

    TechNet Community Support

    Wednesday, February 8, 2012 5:56 AM
    Moderator
  • Hi, thanks for the quick reply. I did import via add trusted certificate wizard , and I will let you know if error / warning starts once again. I am also receiving error ID 64 that certificate has expired . I looked into certificates (MMC) and that is the certificate from previous year. Can I just delete that certificate or there is some special steps that are needed to be done
    Wednesday, February 8, 2012 4:31 PM
  • Remove-ExchangeCertificate -Thumbprint <expired certificate's thumbprint>
    Wednesday, February 8, 2012 6:36 PM
  • Hi, thanks for the quick reply. I did import via add trusted certificate wizard , and I will let you know if error / warning starts once again. I am also receiving error ID 64 that certificate has expired . I looked into certificates (MMC) and that is the certificate from previous year. Can I just delete that certificate or there is some special steps that are needed to be done

    Nope, if you are 100% sure that the expired certificate is not used any more. Please feel free to delete it.

    Regards,

    James


    James Xiong

    TechNet Community Support

    Monday, February 13, 2012 3:09 AM
    Moderator