STARTTLS will expire soon multiple certs request help
We are getting the above message. I have read to delete the old certs and run New-ExchangeCertificate. My Issue lies in which do I need to delete. We do have an SSL from Go Daddy that I know will need to be renewed next month. That
one I am familer with but not the STARTTLS ones. If i do get-exchangecertificate here is what I get:
Thumbprint
Services Subject
---------- -------- -------
479767EB6F406C80A123B1231E1325300EA83396 IP..S CN=mail.orchardhillchur...
C9647E407B5393AE51DCF3DD1A6E48F859CFB907 ....S CN=OHC-DC1
ADCD2C180D7C6939D55AC1072016E96253F5DF8D IP.WS CN=mail.orchardhillchur...
BB2C03D92F9F1C38E9B82A410831CF74BFB656A3 ....S CN=OHC-DC1
26EADC40708688CD8012E86DCD7F9CEC7813F777 ....S CN=WMSvc-OHC-DC1
If I do start - mmc- add - certificates this is what I have listed
Issued to:
Issued by Expires
Intended Purposes
mail.orchardhillchurch.com Go Daddy Secure Cert 5/18/11
Server Auth, Client Auth
mail.orchardhillchurch.com Mail.orchardhillchurch.com 4/27/11 Server Auth
OHC-DC1 OHC-DC1 4/23/11
Server Auth
OHC-DC1 OHC-DC1 4/17/11
Server Auth
WMSvc-OHC-DC1 WMSvc-OHC-DC1 4/15/11
Server Auth
I know what I will have to do with the Go Daddy SSL Cert next month. Which ones pertain to the STARTTLS that I need to delete and renew though? Thank you for helping out ahead
of time.
Edit: sorry forgot running Exchange 2007 on Server 2008 Standard.
April 4th, 2011 3:26pm
Doesnt that error list the thumbprint of the cert that is ready to expire?
That get-exchangecertificate command piped to FL (get-exchangecertificate | fl ) will list all the details.
Free Windows Admin Tool Kit Click here and download it now
April 4th, 2011 3:32pm
STARTTLS is used by SMTP connectors, so it is one of the certificates marked for SMTP use.
renew your certs first, then delete old certs.
lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
April 4th, 2011 6:58pm