Cannot remove expired Exchange DigiCert 2010 certificate

Hi all,

I recently successfully installed a Digicert certificate on our Exchange 2010 server as the old Digicert certificate was about to expire. I have verified that the certificate is installed correctly using the Digicert certificate Installation diagnostics tool and all  outlook and owa connectivity is good and using the new certificate.

The problem I am having is I cannot remove the old certificate from the server. This is the error:

These are the certs installed:

As you can see, the valid cert has all the required services, so I don't know why I can't remove the old certificate(s). Both the Exchange servers have been rebooted.

Any ideas / suggestions would be greatfully received.

Thanks

Robert

July 19th, 2013 8:05am

Hi,
Even if it looks like your new certificate is assigned to SMTP, that might not be the case at all.

Enable your new certificate manually for SMTP.
Example:
Enable-ExchangeCertificate -Thumbprint M7CAR9394TIC90C0E6BAD459EFF41852320B0028 -Services SMTP

...and then check that it has been assigned for internalTransport.
Example:
Get-TransportServer | fl Name, InternalTransportCertificateThumbprint
Free Windows Admin Tool Kit Click here and download it now
July 19th, 2013 8:21am

Yes, looks like it has not been assigned properly.

Assign it for all services to be on the safe side. It will ask whether to overwrite the cert to be used for smtp, say yes. Restart transport service and everything should work.

July 19th, 2013 9:04am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics