ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Resolved-Exchange 2010 - UCC SSL Cert Renewal WTF

    IT Discussion
    exchange 2010 ssl ssl certificates ucc req
    6
    12
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wrx7mW
      wrx7m @Alex Sage
      last edited by

      @aaronstuder said in Exchange 2010 - UCC SSL Cert Renewal WTF:

      @wrx7m is it encrypted?

      I'm guessing it is. But why?

      JaredBuschJ 1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch @wrx7m
        last edited by

        @wrx7m said in Exchange 2010 - UCC SSL Cert Renewal WTF:

        @aaronstuder said in Exchange 2010 - UCC SSL Cert Renewal WTF:

        @wrx7m is it encrypted?

        I'm guessing it is. But why?

        Because you checked a box to encrypt it I would assume. Been a long time since I had to renew one.

        wrx7mW 1 Reply Last reply Reply Quote 1
        • wrx7mW
          wrx7m @JaredBusch
          last edited by wrx7m

          @jaredbusch Turns out it is the way that Exchange encodes the request. I ran:

          certutil -encode c:\renewal.req c:\base64renewal.req to convert it to base64.

          Edit: As seen in this thread-
          https://social.technet.microsoft.com/Forums/exchange/en-US/f570e4bd-7194-4cf5-92f4-c7ada2f5dc8a/exchange-2010-renew-certificates?forum=exchangesvrsecuremessaginglegacy

          JaredBuschJ dbeatoD 2 Replies Last reply Reply Quote 1
          • JaredBuschJ
            JaredBusch @wrx7m
            last edited by

            @wrx7m said in Resolved-Exchange 2010 - UCC SSL Cert Renewal WTF:

            @jaredbusch Turns out it is the way that Exchange encodes the request. I ran:

            certutil -encode c:\renewal.req c:\base64renewal.req to convert it to base64.

            Edit: As seen in this thread-
            https://social.technet.microsoft.com/Forums/exchange/en-US/f570e4bd-7194-4cf5-92f4-c7ada2f5dc8a/exchange-2010-renew-certificates?forum=exchangesvrsecuremessaginglegacy

            I have never had it do that by default.

            wrx7mW 1 Reply Last reply Reply Quote 1
            • wrx7mW
              wrx7m @JaredBusch
              last edited by

              @jaredbusch It might just be the renewal from within EMC, as opposed to issuing a whole new cert request.

              DashrenderD 1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender @wrx7m
                last edited by

                @wrx7m said in Resolved-Exchange 2010 - UCC SSL Cert Renewal WTF:

                @jaredbusch It might just be the renewal from within EMC, as opposed to issuing a whole new cert request.

                I've done renewals with no issues either. interesting.

                1 Reply Last reply Reply Quote 1
                • dbeatoD
                  dbeato @wrx7m
                  last edited by

                  @wrx7m Strange way of renewing the SSL Certificate.

                  JaredBuschJ 1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch @dbeato
                    last edited by

                    @dbeato said in Resolved-Exchange 2010 - UCC SSL Cert Renewal WTF:

                    @wrx7m Strange way of renewing the SSL Certificate.

                    With the ECP web GUI in 2013, you simply click renew and get the updated CSR.
                    0_1505228366468_e1e2027c-535c-4599-8e61-31d3f5d9e8a0-image.png

                    wrx7mW 1 Reply Last reply Reply Quote 1
                    • wrx7mW
                      wrx7m @JaredBusch
                      last edited by

                      @jaredbusch That is similar to Exchange 2010, except it is the EMC that you do that in and that in my case, it wasn't generating the CSR in base64.

                      1 Reply Last reply Reply Quote 0
                      • T
                        topher
                        last edited by

                        I had the same problem:

                        Microsoft includes a command-line utility with Certificate Services called certutil. This utility performs various operations on certificate files, including converting them to and from base64 format.

                        Note that this command is run on your certificate server, which, in your environment, may be different from your Exchange server. If so, you need to copy the binary .req file to the certificate server, or make it accessible via a shared network folder or removable storage device.

                        Open a command prompt on the certificate server and navigate to the folder where your binary .req file is, then type the following command:

                        certutil -encode yourbinaryinputfile yourasciioutputfile

                        Example:
                        certutil -encode der.exchange.example.com.req pem.exchange.example.com.req
                        You can then open the output file in Notepad and confirm that it is in the correct format to upload to your certifying authority.

                        1 Reply Last reply Reply Quote 1
                        • 1 / 1
                        • First post
                          Last post