locked
Updated Self Signed Cert But not all services are in new Updated cert RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Running Exchange 2007 SP/3 - Have two hub servers and one CCR.

    I ran the -ExchangeCertificate -Thumbprint 3F97AA40AA8E5E620ADB1E0D807EF87290179087 | New-ExchangeCertificate command to update the existing certificate on my original hub server ( added a second hub server about 3 months ago ).

    The problem I'm having is when I updated the certificate it did not include IIS. I only had one cert on the machine and it did have the W included in it but when I generated the new certifcate it does not include IIS.

    Is this because I have two hub servers?

    What can I do to resolve this? Do I need to create a seperate self signed cert for IIS?

    Tuesday, July 10, 2012 10:17 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    Self-signed certificates don't help you much for web services unless you import that certificate on every client that uses it as a trusted certificate.  You can assign services to the certificate by using the Enable-ExchangeCertificate cmdlet.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    • Marked as answer by D303M Wednesday, July 11, 2012 2:19 PM
    Tuesday, July 10, 2012 10:26 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    Self-signed certificates don't help you much for web services unless you import that certificate on every client that uses it as a trusted certificate.  You can assign services to the certificate by using the Enable-ExchangeCertificate cmdlet.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    • Marked as answer by D303M Wednesday, July 11, 2012 2:19 PM
    Tuesday, July 10, 2012 10:26 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    That resolved it. The old cert still showed to be the cert for IIS.

    Once I ran this command it removed IIS from the old cert and applied it to the new cert I generated earlier:

    Enable-ExchangeCertificate -Thumbprint F04164B745F67746D0055194F42121262D99A925 -Services "POP,IMAP,SMTP,IIS"

    Thanks for 1. Giving the resolution and 2. Giving it to my so quickly. I was sweating bullets.

    Thank you

    • Marked as answer by D303M Tuesday, July 10, 2012 10:53 PM
    • Unmarked as answer by D303M Wednesday, July 11, 2012 2:19 PM
    Tuesday, July 10, 2012 10:44 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Shouldn't my post be the answer, then?

    Happy to have helped.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, July 11, 2012 4:51 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Sorry - yes I checked the wrong one. It was hard for me to see because I was crying tears of joy because you had helped me out of a tough spot :)

    Thank you again Ed.

    Wednesday, July 11, 2012 2:23 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    You're welcome!

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Thursday, July 12, 2012 5:57 AM