locked
Changing Excahnge 2007 CAS certificate RRS feed

  • Question

  • Hi all,

    Our certificate for OWA, Outlook, Autodiscovery will expire soon, so we are in prepariation for changing it. Its isnt a publicly trusted cert, it issued by our Cert Auth. We are not using the New-ExchangeCertificate requst from Exchange. We have a generated cert.

    What is the correct procedure to replace the Exhcange Cert?

    1.  Import-ExchangeCertificate -Path "C:\CertificateFile.cer"

    2. Enable-ExchangeCertificate <thumprint> -Services:"IMAP, POP, IIS"

    Will this be enought. Will the new cert take the Services from the old one? Do we have to do some addtional configuration for Exachnge so that ActiveSync, Owa, Outlook continue to work with the new cert, or is this enought?

    Tnx!

    Zarko


    Monday, August 15, 2011 8:25 AM

Answers

  • HI Zarko,

    YOu can renew certificate by just use new certificate from your local CA and then enable it for needed services, Later you can remove old certificate. Renew and create new certificate both are same proceedure.

    You can use by below post for renew certifcate and delete old one.

    http://messagingschool.wordpress.com/2011/03/31/renew-certificates-in-exchange-2007-hub-cas/


    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
    • Proposed as answer by Anil K Singh Monday, August 15, 2011 9:04 AM
    • Marked as answer by ZarkoC Monday, August 15, 2011 9:07 AM
    Monday, August 15, 2011 9:04 AM

All replies

  • HI Zarko,

    YOu can renew certificate by just use new certificate from your local CA and then enable it for needed services, Later you can remove old certificate. Renew and create new certificate both are same proceedure.

    You can use by below post for renew certifcate and delete old one.

    http://messagingschool.wordpress.com/2011/03/31/renew-certificates-in-exchange-2007-hub-cas/


    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
    • Proposed as answer by Anil K Singh Monday, August 15, 2011 9:04 AM
    • Marked as answer by ZarkoC Monday, August 15, 2011 9:07 AM
    Monday, August 15, 2011 9:04 AM
  • Tnx Anil, for confirming.

    So all of the services like Outlook, OWA, ActiveSync, AutoDsicovery will use the new one, by default then?

    Monday, August 15, 2011 9:08 AM
  • yes, Just you have to enable them as Services:"IMAP, POP, IIS"SMTP.
    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
    Monday, August 15, 2011 9:19 AM