|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
"Certificate does not have a private key"This issue is regarding an Exchange-server with IIS and OWA. Windows Server 2003 SP1 and Exchange SP2. We obtained a public CA from VeriSign. It worked fine from clients like IE6, but not from mobile devices and ActiveSync. So the mobilephone-manufacterer adviced this: "In response to your query, it looks like the certificate on the exchange server is invalid. Is it possible for the I.T department to install a new certificate. Sometimes through webmail, it overides the old certificate whereas on the device it will not let you proceed." So I anassigned the certificate from the default website and then deleted all items from "Personal certificates" in the certificates MMC, and then imported the certificate from VeriSign. After that I assigned the certificate to the default web site in IIS. Now SSL doesn`t work at all and this is found in the eventviewer: http://support.microsoft.com/kb/824035 I have the certificate request sent to the CA and the certificate I got back from them. Obvoiusly the private key is missing. How can this be fixed? Obviously the new cert you installed, is not a complete cert (without
private key) Do you have a backup of the cert in pfx format? which you exported the private keys also? if not, I think you need to recreate the pending request, then complete the process by deploying the cert from CA to that corresponding pending request. -- Show quoteHide quoteRegards, Bernard Cheah http://www.iis.net/ http://www.iis-resources.com/ http://msmvps.com/blogs/bernard/ "jering" <jer***@discussions.microsoft.com> wrote in message news:149A544C-1970-4FD1-97CA-64F00DFFC748@microsoft.com... > Hi! > > This issue is regarding an Exchange-server with IIS and OWA. > Windows Server 2003 SP1 and Exchange SP2. > > We obtained a public CA from VeriSign. > It worked fine from clients like IE6, but not from mobile devices and > ActiveSync. So the mobilephone-manufacterer adviced this: > "In response to your query, it looks like the certificate on the exchange > server is invalid. Is it possible for the I.T department to install a new > certificate. Sometimes through webmail, it overides the old certificate > whereas on the device it will not let you proceed." > > So I anassigned the certificate from the default website and then deleted > all items from "Personal certificates" in the certificates MMC, and then > imported the certificate from VeriSign. After that I assigned the > certificate > to the default web site in IIS. > Now SSL doesn`t work at all and this is found in the eventviewer: > http://support.microsoft.com/kb/824035 > > I have the certificate request sent to the CA and the certificate I got > back > from them. > Obvoiusly the private key is missing. > How can this be fixed? Hello,
Export the Cert from a working server and make sure that you check the box during the export that says "Make Private Key Exportable" Show quoteHide quote "jering" wrote: > Hi! > > This issue is regarding an Exchange-server with IIS and OWA. > Windows Server 2003 SP1 and Exchange SP2. > > We obtained a public CA from VeriSign. > It worked fine from clients like IE6, but not from mobile devices and > ActiveSync. So the mobilephone-manufacterer adviced this: > "In response to your query, it looks like the certificate on the exchange > server is invalid. Is it possible for the I.T department to install a new > certificate. Sometimes through webmail, it overides the old certificate > whereas on the device it will not let you proceed." > > So I anassigned the certificate from the default website and then deleted > all items from "Personal certificates" in the certificates MMC, and then > imported the certificate from VeriSign. After that I assigned the certificate > to the default web site in IIS. > Now SSL doesn`t work at all and this is found in the eventviewer: > http://support.microsoft.com/kb/824035 > > I have the certificate request sent to the CA and the certificate I got back > from them. > Obvoiusly the private key is missing. > How can this be fixed? 
Other interesting topics
MS IIS Setting: HTTP Failed To Connect if Using Machine Name
Diff behavior for "Integrated windows authentication" in IIS6 Vs I How to create a web application on SBS2003 server ? RPC over HTTPS for Exchange "Failed to access IIS metabase" after installing Windows XP Pro Multiple SSL - Same Server - Same Port/IP Constrained Delegation Problem: SQL partially delegated Security Alert: The Name of the Security Certificate Is Invalid or Does Not Match the Name of the Si IWA connect to fileserver Non-default website is asking for username and password: why? |
|||||||||||||||||||||||
