CA/HT is a WIndows 2008, Exchange 2007 SP1 configuration. I jumped through al sorts of hoops trying to figure out where the heck Certificate requestswere generated, which is completely different from IIS 6. Eventually I created the certificate request and re-keyed a GoDaddy certificate for my server. I installed the intermediate certificate first, removed the self-generated Exchange certificate then installed the IIS 7 certificate, but I still got a security warning that the certificate had problems. Then I went surfing for answers and things have gone from bad to worse. I found a Technet article that said to use the command shell to do the installation: Import-ExchangeCertificate -Path c:\path\mycert.crt -friendlyname "friendlyname" which failed because the certificate was still installed in IIS 7. So I removed that and the command completed, but I still got the "There is a problem with this website's certificate" which I can ignore and continue, but this is obviously still screwed up. I checked the IIS 7 site and no certificate was visible. I tried to re-install the cert and it complained that the private key wasn't there. I used PS to remove the cert with the remove-exchangecertificate and attempted to reinstall though IIS Manager and now I get: "There was an error while performing this operation." and something about an "ANS1 bad tag value met. 0x8009310b (ASN:267)" Now I can go back and re-key the cert yet again, but before I do, I want to know the *correct* method of installing the OWA cert.

Ok, I found out that you aren't supposed to use IIS Manager to do anything with SSL certificates, period. Everything from the Command Shell: http://technet.microsoft.com/en-us/library/bb310795(EXCHG.80).aspx Or as Emily Latilla used to say, "Never Mind!"