Certificates
Any Certificate related issues and tips. From creating certs to renewing them
-
Outlook Web Access stops working after renewing 3rd party Certificate
We had an interesting issue this week. We renewed our Exchange certificate with a 3rd party vendor. Installed the certificate on Exchange and ISA Server. OWA access from the internet stopped working after we installed the certificates. We tested OWA internally and it worked which pointed to something on the ISA server. After a long investigation we found the issue to be ISA running on Windows 2003 which is not compatible with the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms that the certificates from our 3rd party cert provider issues. Microsoft has a hotfix available to get around this. We were able to access OWA from the internet…
-
Renewing TLS Certificate on a Hub Transport Server
I received an event today advising me that the local TLS certificate has expired and needs to be renewed. Here is the event info. We need to renew this Certificate otherwise mailflow in Exchange 2007 will stop working. To do this open Exchange Management Shell and type the following: Get-ExchangeCertificate | fl You will be presented with all the certs installed on the server. You need to now find the cert that has expired. An example of an expired cert is: AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule} CertificateDomains : {XXXX01, XXXX01.domainname.local} HasPrivateKey : True IsSelfSigned : True Issuer : CN=SERVER01 NotAfter : 2010/12/28 09:33:12 AM NotBefore : 2009/12/28 09:33:12…