question

BCL-4181 avatar image
0 Votes"
BCL-4181 asked BCL-4181 commented

Godaddy certificate still says 'Pending' after install on Exchange 2013

So I'm in the process of migrating from 2013 to 2019 Exchange.
Time to do the certs. I added the new 2019Ex server to my godaddy cert. Waited for the changes to take place, then downloaded and installed the new cert.
However in Exchange it still displays as pending. When I tried to install the new cert a 2nd time, it displayed the error that, that thumbprint was already on the server.

What gives?
What happened and what should be my next steps?
Thanks. B

office-exchange-server-administration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

BCL-4181 avatar image
1 Vote"
BCL-4181 answered

So this is basically how I resolved my issue.
I did a repair on the cert.

When I tried to install the cert via the EAC, I saw what I mentioned in my original question.
So I tried to install via the management shell. Then I saw an error that said the private key was missing.
Then after some reading on line I saw where some others experienced the exact same thing and what they suggested was to do a repair on the cert.
certutil -repairstore my "Serial number of cert"
After I did the repair, I did an enable on the cert:
Enable-ExchangeCertificate -Server ‘EXCHANGESERVER’ -Services ‘IMAP, POP, IIS, SMTP’ -Thumbprint "Actual thumbprint of new cert"

That did it. New cert was installed, enabled and working.
Done.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered BCL-4181 commented

Hi @BCL-4181

Are you trying to install the cert on Exchange 2013?
If so, would you share the detailed steps with us?

If you would like to add SAN to the certs, the general steps should be:
1.create new certificate signing request(csr) and contain the Exchange 2019 server name in it via EAC
2.submit the request to the CA (godaddy)
3.download the new certificate and complete the pending certificate request
4.once the request is completed and the status shows valid, you may edit the certificate to assign services to it

Here are several links for your reference:
Create an Exchange Server certificate request for a certification authority
Complete a pending Exchange Server certificate request
Assign certificates to Exchange Server services


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for your input.

0 Votes 0 ·