Are you referring to "re-keying"? So I can create a CSR in IIS6 and then rekey on godaddy's? And then download it again and complete the pending request? What's going to happen to the certificate that's already imported and working on exch 2010/iis7? Wouldn't that cert get revoked or invalidated since I re-key?

You remove that certificate after you replace it.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

the exch 2003 server had a certificate which has company.com and www.company.com for dns names. i bought a godaddy UC cert for an exch 2010 server that we are implementing. In order to include company.com and www.company.com with the new UC cert, I had to remove the cert on exch 2003 server and revoke the cert in cert manager on godaddy. I also included autodiscover.company.com and mail.company.com on this new UC cert. Exch 2010 owa and activesync is workign fien with the new cert. But after importing the new cert to exch 2003, activesync and owa on it doesn't work anymore. Browsing to https://company.com/exchange gets me a "page cannot be displayed". It's probably something specific I have to set or reset in IIS on exch 2003 but I don't know where! testexchangeconnectivity.com gives me this: ExRCA is testing Exchange ActiveSync. The Exchange ActiveSync test failed. Test Steps Attempting to resolve the host name company.com in DNS. The host name resolved successfully. Additional Details IP addresses returned: x.x.x.x Testing TCP port 443 on host company.com to ensure it's listening and open. The port was opened successfully. Testing the SSL certificate to make sure it's valid. The SSL certificate failed one or more certificate validation checks. Test Steps ExRCA is attempting to obtain the SSL certificate from remote server company.com on port 443. ExRCA wasn't able to obtain the remote SSL certificate. Additional Details The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation. I need to get this up and runnign as all users are still on it (only I am on exch 2010 so far).

Since ExRCA can't get the certificate, I would surmise that it is not installed properly.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

For some reason, when I import the cert to exch 2003 that I downloaded from godaddy, it just doesn't want to work. So I thought, why not export the cert from exch 2010 and import it to 2003? I did that and OWA worked but AS didn't. For AS, I followed these: http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/ http://support.microsoft.com/kb/817379 http://support.microsoft.com/kb/927465 Even though I did follow kb 927465, I'm still getting the following: ExRCA is analyzing intermediate certificates that were sent down by the remote server. One or more intermediate certificates were missing or invalid. Additional Details There's a missing intermediate certificate in the certificate chain. Subject = SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US. For more information, see Knowledge Base Article 927465. Not sure what the deal is? AS is working but I am getting that error. Tnx for the tip.

On Sun, 15 Apr 2012 01:17:37 +0000, ccslai wrote: > > >For some reason, when I import the cert to exch 2003 that I downloaded from godaddy, it just doesn't want to work. > >So I thought, why not export the cert from exch 2010 and import it to 2003? I did that and OWA worked but AS didn't. > >For AS, I followed these: > >http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/ > >http://support.microsoft.com/kb/817379 > >http://support.microsoft.com/kb/927465 > >Even though I did follow kb 927465, I'm still getting the following: > >ExRCA is analyzing intermediate certificates that were sent down by the remote server. > >One or more intermediate certificates were missing or invalid. > >Additional Details > >There's a missing intermediate certificate in the certificate chain. Subject = SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US. For more information, see Knowledge Base Article 927465. > >Not sure what the deal is? AS is working but I am getting that error. Tnx for the tip. Install the new certificate chain from GoDaddy on the 2003 server. Was the 2003 certificate a 1024 or 2048-bit cert? You probably have the intermediate certs for the 1024-bit certificates installed. See if this page explains the details of the problem: http://www.digicert.com/help/ --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Go Daddy has a post on its website with the procedure for installing their certificates. As Rich mentioned, you will need to install their intermediate certificates before importing the certificate from Go Daddy. That may mean that you will have to delete the certificate, create a new request, import the intermediate certificates, then complete the certificate request. Go Daddy should reissue the certificate from a new certificate request at no charge.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."