Exchange 2013 Certificate update/replacement because of Google Chrome

Hello all,

I run Exchange 2013 CU3 on Windows 2008 R2 and started running into certificate problems with Google Chrome putting a red slash through https and the lock icon. I checked with VeriSign (Symantec) and they are telling me it is because my cert is running an algorithm of SHA-1 and needs to be SHA256.

Of course I generated my cert about 2 years ago and Symantec is NO HELP - I am looking up how to generate a new CSR but I don't remember the fine details for all the services or if I need to generate it through EAC or IIS manager (as Symantec publishes).

I go to EAC and I see 4 entries under certificates

1 - exchangexxxx cert (name of the cert) Issuer: CN-VeriSign Class 3 Secure Server CA VeriSign issued for services (Imap, POP, IIS, SMTP)

2 - Self-signed certificate Issuer: CN-Microsoft Exchange Server Auth Certificate (SMTP)

3 - Microsoft Exchange - Self-signed certificate Issuer=CN=nameofmyserver for services (Imap, POP, IIS, SMTP)

4 - No Name - Self-signed certificate Issuer:WMSvc-myservername

I'm sure I'm probably only dealing with number 1 but the steps to generate another CSR to send off to Symantec are not perfectly clear. I look for a step-by-step procedure and I get wildcards and friendly name entries and at https://technet.microsoft.com/en-us/library/aa998327(v=exchg.150).aspx there are 5 examples.

I can very easily generate a CSR with just the FQDN (myserver.my.domain.whatever) but I'm not sure if it will cover everything from Imap, pop, IIS (which is probably OWA) and SMTP.

Sorry just don't do this every day - if anyone could point me in the right direction or give me some sort of step-by-step it would be appreciated.

rjm

April 23rd, 2015 7:45pm

Hi rodm

Mr Cunningham has a great guide on how to generate a cert through EAC: http://exchangeserverpro.com/create-ssl-certificate-request-exchange-2013/

Normally you will only need mail.domain.com and autodiscover.domain.com

where mail.domain.com is URL for OWA login.

If you are using any smtp relay you will also need to add smtp.domain.com.

Services to sign on the new cert are IIS, SMTP, IMAP and POP.

For UM you can generate an internal cert from your Root CA.

April 25th, 2015 3:42am
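
The request, import and enable sequence discussed in this thread, as an added Exchange Management Shell example that is not part of the original posts. The host names are the placeholders from the reply above, and the file paths and friendly name are assumptions. The CA chooses the signature algorithm of the certificate it issues, so the script checks for SHA-256 and for the expected names before binding any service.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange 2013 server.
# Host names are the placeholders used in the reply; paths and friendly name are assumptions.
$names   = 'mail.domain.com', 'autodiscover.domain.com'   # add smtp.domain.com if you relay
$reqPath = 'C:\certs\mail_domain_com.req'   # hypothetical path for the CSR
$cerPath = 'C:\certs\mail_domain_com.cer'   # hypothetical path for the file returned by the CA

# 1. Generate the request. The private key is created on, and stays on, this server.
$req = New-ExchangeCertificate -GenerateRequest `
    -FriendlyName 'Exchange 2013 SHA256' `
    -SubjectName  "cn=$($names[0])" `
    -DomainName   $names `
    -KeySize 2048 -PrivateKeyExportable $true
Set-Content -Path $reqPath -Value $req

# 2. Submit $reqPath to the CA, request SHA-256 signing, save the reply as $cerPath.
#    Importing on the same server pairs the certificate with the pending private key.
$cert = Import-ExchangeCertificate -FileData `
    ([Byte[]]$(Get-Content -Path $cerPath -Encoding Byte -ReadCount 0))

# 3. Verify what the CA actually issued before any service starts presenting it.
$x509 = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $cert.Thumbprint }
$alg  = $x509.SignatureAlgorithm.FriendlyName            # e.g. sha256RSA or sha1RSA

# Subject Alternative Name extension (OID 2.5.29.17); "DNS Name=" is the English-locale label.
$sanExt = $x509.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
$san    = if ($sanExt) { $sanExt.Format($true) } else { '' }
$missing = $names | Where-Object { $san -notmatch "DNS Name=$([regex]::Escape($_))\s" }

if ($alg -notmatch 'sha256' -or $missing) {
    throw "Not enabling: signature=$alg, missing names: $($missing -join ', ')"
}

# 4. Bind the services named in the reply to the new certificate.
Enable-ExchangeCertificate -Thumbprint $cert.Thumbprint -Services IIS,SMTP,IMAP,POP
```

The old SHA-1 certificate remains in the store until it is removed, so confirm clients connect cleanly with the new one first.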
