locked
Just renewed our SSL certs through godaddy RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    I decided to check the box through go daddy that said use CSR so I never actually started a renewal process through exchange.  I now have two certificate files from godaddy and am wondering what proper route is for applying the renewed certs?
    Wednesday, June 12, 2013 5:52 PM

Answers

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    This how we generally renew Exchange Certificate:

    1. Generate a new CSR

    2. Get the new Cert from vendor (with new CSR)

    3. Import the new Cert and assign the necessary services (IIS)

    4. Remove the old cert

    The vendors generally provide two certificates, One for Exchange and the other is Intermediate.

    OM (MCITP) | Blog

    Wednesday, June 12, 2013 6:05 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks for the feedback, in speaking with GoDaddy, they confirmed that with any MS product you should alway originate renewal request from whatever product is it, vs telling godaddy to use prior
    Wednesday, June 12, 2013 7:51 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Indeed !!!

    You can follow this article for the steps involved.

    How To Renew Exchange Server 2010 Certificates

    OM (MCITP) | Blog

    • Proposed as answer by Juke Chou Thursday, June 13, 2013 8:46 AM
    Wednesday, June 12, 2013 8:06 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks for the feedback, in speaking with GoDaddy, they confirmed that with any MS product you should alway originate renewal request from whatever product is it, vs telling godaddy to use prior

    And I would follow their guidance for completing their certificate renewal process.  Pay attention to what intermediate certs are needed.  Some vendors make this really obfuscated, and you have to delete in-box certs and replace them with updated intermediates from the vendor's site :( 

    Have you got this completed now ?

    Cheers,

    Rhoderick

    Microsoft Senior Exchange PFE

    Blog: http://blogs.technet.com/rmilne  Twitter:   LinkedIn:   Facebook:   XING:

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, June 13, 2013 1:51 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Have not completed yet, because we originally thought we could use previous CSR we have to rekey on the godaddy side, the problem i'm having is i'm unsure how to generate a new csr from the exchange side
    Thursday, June 13, 2013 1:57 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can use the EMC or powershell to create a new CSR. This shows using the EMC

    http://www.msexchangegeek.com/2009/05/13/exchange-2010-emc-and-certificates-management-part-1/

    You can look at your current cert to see the values used.

    Also see:

    http://www.digicert.com/csr-creation-microsoft-exchange-2010.htm

    And installation:

    http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm

    Once installed to one exchange server, you'll want to use the EMC (or shell) to export the exchange cert as a .pfx.   Then you can install it on additional servers.

    Thursday, June 13, 2013 3:06 PM