Help with SSL certificates
Hi all,
We run Exchange 2007 on Win 2K3 R2 machines. I recently had some users complaining about not being able to send mail, it appears to be a certificate issue. We use a certiface we got from a 3rd party for OWA (which most of our users use), but
I guess the one for SMTP/POP is the self-signed private one. I think our self-signed one has expired. I have never worked with the certificates in exchange before. Hopefully there is a way to use are current 3rd party certificate with
the other services, or a way to re-new the self signed one? Any help is appreciated, thanks.
May 12th, 2010 2:52pm
Hi
Run the Get-ExchangeCertificate command to verify that the certificate is enabled for the correct services.
you can view the thumbprint of the certificate and Enable the services with the following CMD
Enable-ExchangeCertificate -Services IMAP, POP, UM, IIS, SMTP -thumbprint
Thanks
Mhussain
Free Windows Admin Tool Kit Click here and download it now
May 12th, 2010 3:04pm
Is there a way to disable services from a certificate without getting rid of the certificate?
May 12th, 2010 3:34pm
Ok, so I added all of the services I wanted to the certificate that we got from a 3rd party and deleted all the other certificates (as they were all expired). The only issue I now have is when people try to use SSL to receive mail with a mail client.
It gets the following error message in Thunderbird:
An error occurred during a connection to test.local:995.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
Any ideas?
Free Windows Admin Tool Kit Click here and download it now
May 12th, 2010 4:18pm
Hello
Are you using a proxy or a direct connection?
Thanks
Mhussain
May 12th, 2010 10:01pm