exchange 2003 owa and activesync is now not working...urgent help!
Are you referring to "re-keying"?
So I can create a CSR in IIS6 and then rekey on godaddy's? And then download it again and complete the pending request?
What's going to happen to the certificate that's already imported and working on exch 2010/iis7? Wouldn't that cert get revoked or invalidated since I re-key?
April 27th, 2012 8:33am
You remove that certificate after you replace it.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 11:01am
the exch 2003 server had a certificate which has company.com and
www.company.com for dns names.
i bought a godaddy UC cert for an exch 2010 server that we are implementing. In order to include company.com and
www.company.com with the new UC cert, I had to remove the cert on exch 2003 server and revoke the cert in cert manager on godaddy. I also included autodiscover.company.com and mail.company.com on this new UC cert.
Exch 2010 owa and activesync is workign fien with the new cert.
But after importing the new cert to exch 2003, activesync and owa on it doesn't work anymore. Browsing to
https://company.com/exchange gets me a "page cannot be displayed". It's probably something specific I have to set or reset in IIS on exch 2003 but I don't know where!
testexchangeconnectivity.com gives me this:
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name company.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: x.x.x.x
Testing TCP port 443 on host company.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server company.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
I need to get this up and runnign as all users are still on it (only I am on exch 2010 so far).
April 27th, 2012 4:57pm
Since ExRCA can't get the certificate, I would surmise that it is not installed properly.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 7:36pm
For some reason, when I import the cert to exch 2003 that I downloaded from godaddy, it just doesn't want to work.
So I thought, why not export the cert from exch 2010 and import it to 2003? I did that and OWA worked but AS didn't.
For AS, I followed these:
http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/
http://support.microsoft.com/kb/817379
http://support.microsoft.com/kb/927465
Even though I did follow kb 927465, I'm still getting the following:
ExRCA is analyzing intermediate certificates that were sent down by the remote server.
One or more intermediate certificates were missing or invalid.
Additional Details
There's a missing intermediate certificate in the certificate chain. Subject = SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US. For
more information, see Knowledge Base Article 927465.
Not sure what the deal is? AS is working but I am getting that error. Tnx for the tip.
April 27th, 2012 9:36pm
On Sun, 15 Apr 2012 01:17:37 +0000, ccslai wrote:
>
>
>For some reason, when I import the cert to exch 2003 that I downloaded from godaddy, it just doesn't want to work.
>
>So I thought, why not export the cert from exch 2010 and import it to 2003? I did that and OWA worked but AS didn't.
>
>For AS, I followed these:
>
>http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/
>
>http://support.microsoft.com/kb/817379
>
>http://support.microsoft.com/kb/927465
>
>Even though I did follow kb 927465, I'm still getting the following:
>
>ExRCA is analyzing intermediate certificates that were sent down by the remote server.
>
>One or more intermediate certificates were missing or invalid.
>
>Additional Details
>
>There's a missing intermediate certificate in the certificate chain. Subject = SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US. For
more information, see Knowledge Base Article 927465.
>
>Not sure what the deal is? AS is working but I am getting that error. Tnx for the tip.
Install the new certificate chain from GoDaddy on the 2003 server. Was
the 2003 certificate a 1024 or 2048-bit cert? You probably have the
intermediate certs for the 1024-bit certificates installed.
See if this page explains the details of the problem:
http://www.digicert.com/help/
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 10:31pm
Go Daddy has a post on its website with the procedure for installing their certificates. As Rich mentioned, you will need to install their intermediate certificates
before importing the certificate from Go Daddy. That may mean that you will have to delete the certificate, create a new request, import the intermediate certificates, then complete the certificate request.
Go Daddy should reissue the certificate from a new certificate request at no charge.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
April 28th, 2012 1:09am