Problem while importing a certificate

  • Thread starter riochicken
  • Start date Views 768
R

riochicken

Hi,

I;ve just installed Exchange 2010 on a Windows 2008 server and when I trt to import my officially certificate with Windows Powershell, it gives me an error:

[PS] C:\Windows\System32>Import-ExchangeCertificate -Path "C:\cert\certs\www.mydomain.crt.csr"
Import-ExchangeCertificate : The source data is corrupted or not properly Base64 encoded.
At line:1 char:27
+ Import-ExchangeCertificate <<<<  -Path "C:\cert\certs\www.mydomain.crt.csr"
    + CategoryInfo          : ReadError: :)) [Import-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : 76D5CB03,Microsoft.Exchange.Management.SystemConfigurationTasks.ImportExchangeCertificate

I rekeyed this certificate from the certification authority (godaddy.com)

Does anybody have any idea?

Thanks in advance!

Kind regards

Richard
 
A

Andreas Helland

Are you importing the correct file? The .csr suffix sounds like the request, not the final cert? (Though I do not know what naming convention you use for your files.)

You should be able to open the certificate in Notepad, and it will say something like "BEGIN CERTIFICATE", followed by a long base64-encoded string, and "END CERTIFICATE". Did you choose the IIS format when fetching the cert from GoDaddy?
 
B

Brian Day MCITP [MVP]

See if it actually did import regardless of the error. There is a known bug being worked on where you will see that exact error, but if you try the Enable-ExchangeCertificate CMDLET it'll work or if you look in the GUI you'll see it there. It seems to be cosmetic only.Brian Day / MCSA / CCNA, Exchange/AD geek.
 
R

riochicken

Are you importing the correct file? The .csr suffix sounds like the request, not the final cert? (Though I do not know what naming convention you use for your files.)

You should be able to open the certificate in Notepad, and it will say something like "BEGIN CERTIFICATE", followed by a long base64-encoded string, and "END CERTIFICATE". Did you choose the IIS format when fetching the cert from GoDaddy?

Hi,

First of all, thank you for your reply!

I filled in all of the necessary details at godaddy.com and downloaded the signed certificate, which is a *.csr file and a *.p7b certificate to state godaddy is a trusted certificate blabla, so I presume (allthough I know assumption is the mother of all f*ckups ;-)) this is the right file to use! And yes, it starts with the Begin Certificate like you state in your reply... :(

Thanks!

Richard
 
R

riochicken

Hi,

Thanks for your reply!

I tried to enable the certificate but it doesn't work! It gives me an error stating that the certificate with the given thumprint could not be found... I als tried to install a self signed certificate btw and that also failed with the same error as described above in my starting mail... :(

Error:
-------------------------------Enable-ExchangeCertificate : The certificate with thumbprint D6592AC9F473BE7225BD1E5D5C99DD807B4AA126 was not found.
At line:1 char:27
+ Enable-ExchangeCertificate <<<<  -Thumbprint D6592AC9F473BE7225BD1E5D5C99DD80
7B4AA126 -Services "SMTP, IIS, POP, IMAP"
    + CategoryInfo          : ObjectNotFound: :)) [Enable-ExchangeCertificate]   , InvalidOperationException
    + FullyQualifiedErrorId : 76D5CB03,Microsoft.Exchange.Management.SystemCon
   figurationTasks.EnableExchangeCertificate
--Thanks!

Richard
 
Top