Re: GoDaddy SSL Cert Exchange 2007

Thu, 27 May 2010 08:48:43 -0700 

You can always look in IIS to see if the cert is binding correctly. Just my
.02.

On Thu, May 27, 2010 at 8:17 AM, Carol Fee <c...@massbar.org> wrote:

>  E2K7 CAS/MB/HUB
>
> I used the following in EMS to generate the cert request which I submitted
> to GoDaddy.
>
> New-ExchangeCertificate -generaterequest -keysize 2048 -subjectname "c=US,
> l=Boston, s=Massachusetts, o=Massachusetts Bar Association,cn=massbar.org"
> -domainname MASSBAREX1,massbarex1.massbar.org,mail2.massbar.org,
> autodiscover.massbar.org -PrivateKeyExportable $true -path
> c:\certrequest.txt
>
>
>
> After downloading the SSL cert, I did the following
>
> [PS] C:\>Import-ExchangeCertificate -Path "c:\massbar.org.crt"
>
>
>
> Thumbprint                                Services   Subject
>
> ----------                                --------   -------
>
> ED6AF463B9E33D99F564676610D486E6C48EC701  .....      CN=massbar.org,
> OU=Doma...
>
>
>
> And then
>
> [PS] C:\>Enable-ExchangeCertificate -Thumbprint
> ED6AF463B9E33D99F564676610D486E6
>
> C48EC701 -Services "SMTP,IIS"
>
>
>
> Confirm
>
> Overwrite existing default SMTP certificate,
>
> 'BB40AC9127B72A0576E12D3E42AE3D55D6E89E4A' (expires 9/18/2010 3:02:29 PM),
> with
>
>  certificate 'ED6AF463B9E33D99F564676610D486E6C48EC701' (expires 5/26/2012
>
> 11:47:19 AM)?
>
> [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help
>
> (default is "Y"):y
>
> [PS] C:\>get-exchangecertificate
>
>
>
> Thumbprint                                Services   Subject
>
> ----------                                --------   -------
>
> ED6AF463B9E33D99F564676610D486E6C48EC701  ...WS      CN=massbar.org,
> OU=Doma...
>
> BB40AC9127B72A0576E12D3E42AE3D55D6E89E4A  IP..S      CN=MASSBAREX1
>
> 6D1A21BC512D35A86CDDADC354E32F8D1D5D50C3  .....      CN=*.massbar.org,
> OU=Se...
>
>
>
> My problem is that the cert seems to be for “Massbar.org” only, and not for
> any of the other identities.  So …. Outlook 2007 clients get a SSL error
> which they have to click through twice, and ActiveSync devices do not see
> the mailserver host name on the cert.
>
>
>
> What did I do wrong and how do I fix this ?
>
>
> *
> ------------------------------
> *
>
> *Carol Fee*
>
> Network Administrator
>
> 617-338-0623
>
> c...@massbar.org
>
>
>
>
>
> *   Massachusetts Bar Association*
>
>    20 West Street
>
>    Boston, MA 02111-1204
>    (617) 338-0500
>

<<image001.gif>>

Reply via email to