Into the certificates MMC (for Local Computer -> Personal Certificates).
Delete the one without a private key. From: Steve Hart [mailto:[email protected]] Sent: Tuesday, January 22, 2013 4:57 PM To: MS-Exchange Admin Issues Subject: Exchange 2007 Cert Problem MY SSL cert used for OWA is expiring in a week and I'm attempting to install the new cert. I created the Cert request a month ago, ran it through the CA and got the cert. After that I got caught up in other things and I never installed the cert. When I went to install the cert, I noticed there were a number of invalid certs on the machine, so to clean things up, I used Remove-Exchange Cert to delete all of the invalid and outdated certs. Looking back, I think, this is where I made the mistake, as I inadvertently deleted the cert request. I imported the cert OK using Import-ExchangeCertificate When I tried to use Enable-ExchangeCertificate, it errored out Enable-ExchangeCertificate : The certificate with thumbprint 7C4656C3061F7F4C0D67B319A855F60EBC11FC44 was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing). Googling told that I needed to start from scratch, so I created a new CSR, rekeyed the cert with the CA and downloaded the new cert. Importing now errors out: Import-ExchangeCertificate -path c:\Certs\1-2013\Cert\wrightimg.com\gd_iis_intermediates.p7b Import-ExchangeCertificate : Cannot import as there already is a certificate with a thumbprint of 7C4656C3061F7F4C0D67B319A855F60EBC11FC44. I tried removing the previously imported cert: Remove-exchangecertificate -thumbprint 7C4656C3061F7F4C0D67B319A855F60EBC11FC44 Remove-ExchangeCertificate : The certificate with thumbprint 7C4656C3061F7F4C0D67B319A855F60EBC11FC44 was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing). Where do I go now? Steve Hart Network Administrator Wright Business Graphics Inc. | wrightbg.com 18440 N.E San Rafael| Portland, OR 97230 503.491.4343 -Direct | 503.492.8160 - Fax --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe exchangelist
