Import Certificate issues.

Discussion in 'Exchange Server Questions' started by Mark Chris, Nov 4, 2010.

  1. Mark Chris

    Mark Chris

    I am trying to import a UCC Go-daddy cert into exchange 2010. Im having some problems and seeking assistance. Here is what happened;

    *Created CSR request using DigiCerts Exchange 2010 CSR tool.

    *Sent the CSR request to GoDaddy.

    *Received the crt file back from GoDaddy.

    *Use the following command to generate cert request on EMS;

    (I removed relevant company info from command)

    Set-Content -path " C:\name of csr file" -Value (New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName " c=US, s=, l=, o=, ou=Information Technology, cn=" -DomainName,, -PrivateKeyExportable $True)

    In EMC, under Server Config-Exchange Certs... A pending request appears.

    *Ran the following in EMS;

    Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path C:\ -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services “IIS”

    *In EMC, I assigned the Services to the new cert.

    *My counterpart stated that he messed up the GoDaddy UCC request and submitted a new one and recommended I import the new cert.

    *In EMC, removed the certificate I just imported. Leaving the exchange default cert that was installed when I installed exchange 2010. I've enabled this cert and assigned services to it.

    *Im my attempts to get the new cert imported... I am receiving the following message;

    [PS] C:\Windows\system32>Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\crt file

    -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services " IIS"

    Cannot import certificate. A certificate with the thumbprint D963C602DA36783C337B40B9E1D5C451B2757405 already exists.

    + CategoryInfo : WriteError: :)) [Import-ExchangeCertificate], InvalidOperationException

    + FullyQualifiedErrorId : 7288D023,Microsoft.Exchange.Management.SystemConfigurationTasks.ImportExchangeCertificate

    I've tried everything....removing any reference to GoDaddy or the new cert from the Certificate MMC and attempting import. I've tried using the EMS to complete pending request and get the same error;

    Summary: 2 item(s). 1 succeeded, 1 failed.

    Elapsed time: 00:00:10

    Read file


    Exchange Management Shell command completed:

    Read binary stream from the file 'C:\cert file name'.

    Elapsed Time: 00:00:00

    crt file name



    Cannot import certificate. A certificate with the thumbprint D963C602DA36783C337B40B9E1D5C451B2757405 already exists.

    Exchange Management Shell command attempted:

    Import-ExchangeCertificate -Server 'Servername' -FileData '<Binary Data>'

    Elapsed Time: 00:00:10

    Can someone offer assistance to me... I've followed serveral posts from technet and the web and not making forward progress.

    Mark C
  2. Mark Chris

    Mark Chris

    I got this figured out....

    to get the default self-signed cert back... ran the new-exchangecertificate cmdlet and BAM!!!! back in business.

    then I regenerated my cert with a new csr, donloaded from go-daddy as a " exchange 2007" cert and imported.

    Im good to go.

    Mark C
Similar Threads
Forum Title Date
Exchange Server Questions import-exchangecertificate fails with dr. watson on Exchange 2010 sp1 using comodo certificate Sep 8, 2010
Using Outlook Isa 2006 can't import certificate Aug 31, 2009
Exchange Server Questions Cannot Import Certificate to Exchange 2010 May 31, 2010
Exchange Server Questions Importing Exchange Certificate still broken in Exchange 2010 RC1 via GUI Aug 31, 2009
Exchange Server Questions Importing Certificate Error Jul 30, 2009

Share This Page