Announcement

Collapse
No announcement yet.

Exchange 2010 Certificate cant complete pending request

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2010 Certificate cant complete pending request

    Hi There

    I have just installed Exchange 2010, issued a cert request and have the cert back from startSSL.com. Under Server Configuration I right clicked on the cert and completed the Pending request and all when well, however it still says "Complete Pending request" when I right click on the cert and I am unable to assign it to any services. It also says it is a Self-Signed cert?

    Thanks in advance for any help. : )

  • #2
    Re: Exchange 2010 Certificate cant complete pending request

    That would tend to indicate that either the certificate response was bad, or Exchange can't understand it. I haven't used their certificates as the trust level isn't wide enough for my uses. Do they need you to install root or intermediate certificates? If so, you will need to install them.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Exchange 2010 Certificate cant complete pending request

      Thanks for the replay. I have since installed the root and ca but the status of the cert in exchange is still Self Signed and "Complete pending Request" is still an option. When I use the MMC to look at my Certificates I can see the Cert in question The personal Certificate store and looks fine, so I am a bit lost?

      Comment


      • #4
        Re: Exchange 2010 Certificate cant complete pending request

        I would suggest that you remove the certificate request and complete a fresh one. This isn't a problem I have seen, but then as I have already said, I don't use those certificates because of their trust level. The "Free" certificate isn't a UCC certificate so isn't really suitable for use with Exchange 2010.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: Exchange 2010 Certificate cant complete pending request

          I had the same problem today. After the third cert from the CA didn't work I decided to get creative and found the following worked a treat.

          Look in the server's certificate store (certmgr.msc) - if you have tried to complete the pending certificate request then you should find the certificate from you CA is installed but doesn't have an association with the private key generated by the request (hence the request is still considered to be pending). Open the the certificate from the CA and on the details tab find the thumbprint field and copy it to your clipboard (CTRL-C).

          Now run the following command from a command prompt:
          certutil -repairstore My "<thumbprint>"

          Refresh your view of the certificate store and hopefully your cert is now associated with its private key! Likewise Exchange will now list the certificate and allow you to assign services to it.

          Comment

          Working...
          X