none
How do you create and configure Self Signed Certificate? RRS feed

  • Question

  • Hi,

    I've installed Exchange Server 2010 and would like to configure self-signed certificate. However the wizard available always has 'Self Signed Certificate' status to 'False'

    Is there are definite guide to configuring self signed certificate

     

    Regards


    http://www.newquayfood.co.uk
    Tuesday, June 21, 2011 1:05 PM

Answers

  • Hi,

    The setup program will create a self signed certificate so there should already be one there.

    The get-exchangecertificate should show this

    Use the new-exchangecertificate cmdlet to renew this when it expires.

    http://technet.microsoft.com/en-us/library/aa998327.aspx

    Leif

    • Proposed as answer by Evan LiuModerator Wednesday, June 22, 2011 7:44 AM
    • Marked as answer by sercan1 Friday, June 24, 2011 11:15 AM
    Tuesday, June 21, 2011 1:27 PM
  • Hi sercan1,

     

    Agree with Leif.

     

    You can follow the document given by Leif to use the New-ExchangeCertificate cmdlet to create a self-signed certificate, renew an existing self-signed certificate, or generate a new certificate request for obtaining a certificate from a certification authority (CA).

     

    Thanks,


    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by sercan1 Friday, June 24, 2011 11:15 AM
    Wednesday, June 22, 2011 7:47 AM
    Moderator

All replies

  • Hi,

    The setup program will create a self signed certificate so there should already be one there.

    The get-exchangecertificate should show this

    Use the new-exchangecertificate cmdlet to renew this when it expires.

    http://technet.microsoft.com/en-us/library/aa998327.aspx

    Leif

    • Proposed as answer by Evan LiuModerator Wednesday, June 22, 2011 7:44 AM
    • Marked as answer by sercan1 Friday, June 24, 2011 11:15 AM
    Tuesday, June 21, 2011 1:27 PM
  • Hi sercan1,

     

    Agree with Leif.

     

    You can follow the document given by Leif to use the New-ExchangeCertificate cmdlet to create a self-signed certificate, renew an existing self-signed certificate, or generate a new certificate request for obtaining a certificate from a certification authority (CA).

     

    Thanks,


    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by sercan1 Friday, June 24, 2011 11:15 AM
    Wednesday, June 22, 2011 7:47 AM
    Moderator
  • Basically I'm trying to enable Outlook Anywhere on my test Exchange Server 2010, however:

    https://mail.domain.com/rpc

     

    Asks for authentication, once complete, I get error "HTTP Error 503"

     


    http://www.newquayfood.co.uk
    Friday, June 24, 2011 12:07 PM
  • Hi,

    Outlook anywhere can't be used from a browser.

    What happens if you test the configuration using a powershell cmdlet:

    Test-OutlookConnectivity -Protocol:Http -GetDefaultsFromAutoDiscover:$true -verbose

    Leif

    Friday, June 24, 2011 12:43 PM
  • I'm sorry but I'm a complete newbie on this.

    I've run the command in Exchange Shell and I get

    "parameter set cannot be resolved using the specified named parameters"

     


    http://www.newquayfood.co.uk
    Friday, June 24, 2011 1:32 PM
  • Hi Leif,

    I know this topic is too old but I need some help to renew our existing self signed certificate.

    Base on the link that you provided I use the example number 5 and here's result

    Get-ExchangeCertificate : The certificate with thumbprint 3360A0B3A185439194739
    E2CFC049A230B42A842 was found but is not valid for use with Exchange Server (re
    ason: SigningNotSupported).
    At line:1 char:24
    + Get-ExchangeCertificate <<<<  -Thumbprint 3360a0b3a185439194739e2cfc049a230b4
    2a842 | New-ExchangeCertificate
        + CategoryInfo          : NotSpecified: (:) [Get-ExchangeCertificate], Cer
       tificateNotValidForExchangeException
        + FullyQualifiedErrorId : 149E7D95,Microsoft.Exchange.Management.SystemCon
       figurationTasks.GetExchangeCertificate

    Please guide me on how to solve this.

    Thanks,

    VhinDC

    Wednesday, July 31, 2013 8:21 AM
  • Leif is right,

    Self signes certifcate will last for 1 year, after that you to renew the certificate by using cmdlt new-exchangecertificate.


    Balwan Singh

    • Proposed as answer by Balwan Singh Friday, August 2, 2013 9:06 AM
    Thursday, August 1, 2013 10:39 PM
  • Yes you're right Balwan Singh.

    But I need to renew the self signed certificate again and above is the error occurred.

    VhinDC

    Friday, August 2, 2013 2:49 AM
  • Hi VhinDC

    The certificate with thumbprint 3360A0B3A185439194739E2CFC049A230B42A842 was found,but is not valid for use with Exchange Server beacuse this certificate has been expired. you can check that by using Cmdlt Get-exchangecertificate.

    So i will suggest you to use Examle only. when you use Cmdlt New-ExchangeCertificate you will get a new Certicate with new Time Stamp.

    Check  it Get-exchangeCertificate |fl

    After renewing the certificate you can remove expiored self signed certificate, by using cmdlt  Remove-ExchangeCertificate -Thumbprint

    Below link will be helpful.

    http://technet.microsoft.com/en-us/library/aa997569(v=exchg.150).aspx


    Balwan Singh

    • Proposed as answer by Balwan Singh Friday, August 2, 2013 9:19 AM
    Friday, August 2, 2013 9:19 AM
  • Got it! thanks Balwan Singh for your support and time.

    VhinDC

    Monday, August 5, 2013 6:59 AM