Submitted the req file..But i am unable find in the issued certificate..
Hello Team, We have deployed new active directory server and installed Enterprise Certificate authority in it. Installed Exchange CAS&HUB sever in seprate box and Mailbox in seperate box. Logged in CAS server and clicked on submit new request in EMC for certificate. Selected the services and provided the SAN name. Then it asked to save the .req file. Saved it. Now logged into domain controller and open CA console. Submitted the req file..But i am unable find in the issued certificate.. I am got stucked in middle of implementationExchange Queries
June 28th, 2012 4:07am

Hi, You should be able to finde the issued certificate in the CA console as well. If not try to use the web part of the CA and do it from here (import the req and export the certificate) Leif
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2012 4:12am

No it is not working on both console as well as web...i have done this so many timeExchange Queries
June 28th, 2012 4:33am

No it is not working on both console as well as web Hi, Did you request the certificate as following blog listed? Exchange 2007 Creating a Certificate through an Internal CA with Subject Alternate Names http://b41n5.wordpress.com/2010/07/15/exchange-2007-creating-a-certificate-through-an-internal-ca-with-subject-alternate-names/ Please make sure CA is working first, how about Download a CA certificate,certificate chain,or CRL?Frank Wang TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2012 2:16am

Thanks Frank, Found that CA server certificate is not got published on the Exchange Trusted Root ceritificate. Hence we imported the CA Server Certificate in the Exchange server and it started to work. But now we are planning to go for External CA - Comoda certificate. Kindly let me know will we need to publish all our SAN ( webmail.test.com, Autodiscover.mail.com, server1.mail.com, server2.mail.com, server1, server2) And will it be a best praticse to use the external comodo certificate for both internal and external access of exchange server) with 2048 key bit.Exchange Queries
July 1st, 2012 3:10am

Yes, it is better to use the 3rd party certificate. If you use internal CA, you should make sure the clients trust the CA, either by using group policy or by importing manually. About for generating a certificate with a 3rd party CA, please see the following Exchange team blog: Exchange 2007 lessons learned - generating a certificate with a 3rd party CA http://blogs.technet.com/b/exchange/archive/2007/02/19/3400537.aspxFrank Wang TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
July 1st, 2012 11:40pm

One question! :) I'll ask about your CAS namespace planning here, and why you want all those names on the cert. Vendors will typically charge per name, or you choose a cert bundle that has X number of names within it. They will also block you issuing a cert to test.com (not sure exactly what you are using for the domain name) but mixing multiple domain names into a single certificate will be a challenge if not an outright refusal from the vendor. Just because you do it internally with your own CA does not meant that they will do it. As to the names that you need, this goes back to how you planned the CAS namespaces. What URLs are you using internally, what URLs are you using externally. Do you have multiple data centres, how are you doing DR etc..... Some light reading here: http://technet.microsoft.com/en-us/library/dd351198.aspx OH - and the CASArray name does not have to be on the cert, and the name you use for the CASArray should NOT resolve in external DNS. Read these http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx and then part 2. Cheers, Rhoderick NOTICE: My posts are provided AS IS without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
July 2nd, 2012 1:06pm

Hi Exchange Queries, Any updates?Frank Wang TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
July 3rd, 2012 10:04pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics