Standalone CA server with Exchange 2010

Hi all,

not sure how I did it previously, but I am able to generate a usable certificate from my local CA server, which is standalone (not enterprise ver.).

I was trying to request for a new certificate for my exchange server currently but its mentioning not valid.

Is CA Standalone version not meant for Exchange servers? Due to parent/child domain we are not able to create enterprise CA in child domain, and we have no access to parent domain, using my AD account.

Thanks and Regards,

Low

July 10th, 2015 5:03am

Exchange doesn't care as long as it trusts the CA and it can get to the certificate revocation list (CRL).
Free Windows Admin Tool Kit Click here and download it now
July 10th, 2015 2:36pm

Hi Low,

Thank you for your question.

I agree with Ed. You could request a new certificate from a standalone CA.

We could refer to the following link to create a new Exchange certificate:

https://technet.microsoft.com/en-us/library/dd351057(v=exchg.141).aspx

If not, you could post the entire error information for our troubleshooting.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

July 13th, 2015 2:25am

Hi Ed and Jim,

Thanks for your reply.

I had been requesting for Exchange certificate as usual, shown as per below link.

https://technet.microsoft.com/en-us/library/dd351057(v=exchg.141).aspx

As my usual practice of applying CSR, I choose "Web Server" template, but in Standalone CA, there is no such option for me to choose.

Thanks and Regards,

Low

Free Windows Admin Tool Kit Click here and download it now
July 13th, 2015 9:05pm

You may have to publish the template.  That's documented in the Certificate Services documentation somewhere.
July 14th, 2015 2:53am

Hi Low,

By my testing, there is no Web Server on  standalone CA, when we logon CA then approve the certificate request, then download the certificate.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

Free Windows Admin Tool Kit Click here and download it now
July 16th, 2015 5:32am

Hi Jim,

Base on your testing, can you confirm Standalone CA can work with Exchange certificate?

FYI, my Standalone CA do not have Enterprise CA as well. Will try again to generate.

Thanks and Regards,

Low

July 20th, 2015 8:51pm

I answered that question.  All that is required is that you will have to make sure that the CA's root is in the trusted root store in all clients.
Free Windows Admin Tool Kit Click here and download it now
July 20th, 2015 9:07pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics