Prev: Made a big mistake - VPN and RPC over HTTP (SBS 2003 Prem.)
Next: The received certificate has expired
From: Mike W. on 4 Jan 2010 14:33
Adding onto this a little bit:

Our certificate is from THAWTE. I doubt this has anything to do with being
able to export the private key, but since we had been talking about GoDaddy,
I wanted to make sure I was clear.

I logged into Exchange 2007 at another site. This server runs Server 2008
x64 Standard. I was able to export their cert (GoDaddy, FWIW) with the
private key and store it elsewhere. So, if I run into this problem when I
upgrade this site to Exchange 2007 sp2, I suspect I'll be in a better
position.

My colleague, by the way, says when he updated to SP2, he did download and
update using the so-called "Microsoft Exchange Server 2007 SP2 Installation
Tool for Windows SBS 2008." So, as far as we know, we followed the correct
procedure.

m
From: Bill Sanderson on 4 Jan 2010 14:38
I definitely needed to put the certificate into place again.

I was able to set the correct options--private key and the other one--on the
export.

And, in the end, I never used the export file--I simply pointed the wizard
at the current certificate and said use that one, and it did.

That said, I don't have confirmation back from the folks at the office that
this resolves what they were seeing, but I did open RWW from home (where I
am today--3 day worker)--and verify that the GoDaddy certificate was the one
in use.


"Mike W." <MikeW(a)discussions.microsoft.com> wrote in message
news:48842970-D7FB-4626-B776-B3B2BE846832(a)microsoft.com...
>
>
> "Bill Sanderson" wrote:
>
>> In my case, I simply read and followed the instructions in the install
>> certificate wizard. I was able to export the in-place (godaddy)
>> certificate
>> with no issues, but that wasn't needed--I proceeded through the wizard,
>> told
>> it to use the existing certificate, which it did without complaint.
>
> I read an blog post that referenced the GoDaddy certs and how exporting
> the
> in-place cert would work. However, the step-by-step that I had found
> indicated I need to export the private key. That option wasn't available
> to
> me. I am unsure why.
>
> Thanks for this follow-up. It's also curious that you ran into the same
> troubles...

From: Bill Sanderson on 4 Jan 2010 14:40
Indeed--I used that tool as well.

Out of curiosity--did you also apply the rollup update to Exchange SP2 after
applying SP2? I also did that patch.


"Mike W." <MikeW(a)discussions.microsoft.com> wrote in message
news:CAAEC777-6A4B-4747-9E45-581683053215(a)microsoft.com...
> Adding onto this a little bit:
>
> Our certificate is from THAWTE. I doubt this has anything to do with being
> able to export the private key, but since we had been talking about
> GoDaddy,
> I wanted to make sure I was clear.
>
> I logged into Exchange 2007 at another site. This server runs Server 2008
> x64 Standard. I was able to export their cert (GoDaddy, FWIW) with the
> private key and store it elsewhere. So, if I run into this problem when I
> upgrade this site to Exchange 2007 sp2, I suspect I'll be in a better
> position.
>
> My colleague, by the way, says when he updated to SP2, he did download and
> update using the so-called "Microsoft Exchange Server 2007 SP2
> Installation
> Tool for Windows SBS 2008." So, as far as we know, we followed the correct
> procedure.
>
> m

From: Ace Fekay [MCT] on 4 Jan 2010 15:11
"Mike W." <MikeW(a)discussions.microsoft.com> wrote in message
news:CAAEC777-6A4B-4747-9E45-581683053215(a)microsoft.com...
> Adding onto this a little bit:
>
> Our certificate is from THAWTE. I doubt this has anything to do with being
> able to export the private key, but since we had been talking about
> GoDaddy,
> I wanted to make sure I was clear.
>
> I logged into Exchange 2007 at another site. This server runs Server 2008
> x64 Standard. I was able to export their cert (GoDaddy, FWIW) with the
> private key and store it elsewhere.

Interesting it allowed you do do that.

Ace


From: Mike W. on 4 Jan 2010 16:31


"Ace Fekay [MCT]" wrote:

> The private key belongs to GoDaddy, and they hold it, hence why it's not
> exportable, because it's not part of the cert.

Ok. But then I'm confused as to why the Help File within SBS asks the user
to export the certificate with the private key. When would that be possible
if the cert creator holds the key?


First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: Made a big mistake - VPN and RPC over HTTP (SBS 2003 Prem.)
Next: The received certificate has expired