locked
problem with certificate of external edge RRS feed

  • Question

  • Hello

    I have requested a certificate from godaddy for my external edge..I got certificate downloaded..on edge server I went to MMC and imported this certificate to personal and also trusted folder..now when I go to deployment wizard and assign certificate I cant see this ertificate...what is the error here?

    Tuesday, November 29, 2016 12:21 PM

Answers

  • Hi Lexi,

    Does the certificate you imported into the edge server from the public CA have the private key ?

    You open MMC on edge server with certificates add on, local server open personal store and double click on the edge public certificate in general tab you should see "You have a private key that corresponds to this certificate" if you dont see this the private key is missing and you need to import it with the private key. For edge server its recommended to not allow the private to be exportable but you need the private key present.

    Also its worth checking the certificate chain by clicking on the certification path and ensuring the trusted root certificate is installed on the server as well and the chain is valid.

    When you did the certificate request and sent this to your public CA have you imported the certificate from the public CA on the same computer you made the request from ?

    Thanks,

    Martin


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer". Thank you. This forum post is based upon my personal experience and does not reflect the opinion or view of my employer.

    • Proposed as answer by Alice-Wang Wednesday, November 30, 2016 6:02 AM
    • Marked as answer by Lexi Mace Wednesday, November 30, 2016 9:06 AM
    Tuesday, November 29, 2016 5:30 PM
  • Hi Lexi Mace,

    Welcome to post in our forum.

    Regarding your issue, agree with Martin.Make sure you have imported a certificate with a private key.

    You could refer to the following blog deploy edge server certificate, it’s same to SFB server 2015https://technet.microsoft.com/en-us/library/gg398409.aspx?f=255&MSPPError=-2147217396

    Hope this reply helpful to you.


    Regards,

    Alice Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Lexi Mace Wednesday, November 30, 2016 9:06 AM
    Wednesday, November 30, 2016 6:14 AM

All replies

  • Hi Lexi,

    Does the certificate you imported into the edge server from the public CA have the private key ?

    You open MMC on edge server with certificates add on, local server open personal store and double click on the edge public certificate in general tab you should see "You have a private key that corresponds to this certificate" if you dont see this the private key is missing and you need to import it with the private key. For edge server its recommended to not allow the private to be exportable but you need the private key present.

    Also its worth checking the certificate chain by clicking on the certification path and ensuring the trusted root certificate is installed on the server as well and the chain is valid.

    When you did the certificate request and sent this to your public CA have you imported the certificate from the public CA on the same computer you made the request from ?

    Thanks,

    Martin


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer". Thank you. This forum post is based upon my personal experience and does not reflect the opinion or view of my employer.

    • Proposed as answer by Alice-Wang Wednesday, November 30, 2016 6:02 AM
    • Marked as answer by Lexi Mace Wednesday, November 30, 2016 9:06 AM
    Tuesday, November 29, 2016 5:30 PM
  • Hi Lexi Mace,

    Welcome to post in our forum.

    Regarding your issue, agree with Martin.Make sure you have imported a certificate with a private key.

    You could refer to the following blog deploy edge server certificate, it’s same to SFB server 2015https://technet.microsoft.com/en-us/library/gg398409.aspx?f=255&MSPPError=-2147217396

    Hope this reply helpful to you.


    Regards,

    Alice Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Lexi Mace Wednesday, November 30, 2016 9:06 AM
    Wednesday, November 30, 2016 6:14 AM
  • Thanks a lot to both of u
    Wednesday, November 30, 2016 9:06 AM
  • Hi Lexi,

    You are welcome.

    We are glad to help you.

    If you have any other question in the further, welcome to post in our forum.


    Regards,

    Alice Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, November 30, 2016 9:23 AM