Windows server 2008 and exchange 2010 certificate issue

Not open for further replies.

Yves MG

Hi all,

I have a problem when I try to process a pending certificate request. I got a public authority certificate, but can't import it to the IIS. I don't have any error message and can see the certificate itself when I just import it, but it disappear after a refresh. I just can import it many times and still the same.

I tried the same on the exchange console but when i try to import it, it just tell me there is already a certificate with this ID, but I can't see any certificate, even on the IIS console or the exchange one.

Thanks for help everybody.


Joe Tam

Dear Yves,
In the Exchange Powershell, if you type get-exchangecertificate, it should have some certificate there. Please confirm.


Yves MG

Hi Joe,

Thanks for interesting my case.

When I type get-exchangecertificate, I just have one listed with ID: 0CC386F042E8763B775FC07DBB9CB1E1AA3BC0F3

When I try to import the one I got from authority, the existing ID should be : 52CC12807BDDE95A1386B7B7315B96B334DC2F54



wich version of exchange 2010 ( SP1 or no)

how are you made your certifiactes request ?

Yves MG


Yes, the certificate authority is a public one, and I checked it anyway.


Yves MG

Hi Christophe,

I didn't install the SP1, the exchange version is 14.0 (build 639.21)

I made the certificate by using the assistant, getting a .req file, submitting it to the CA, that gave me the .cer one I tried to put on my server. The thing is when I double clic on the certificate itself on the server, when I check the details, everything seems to be fine.



Quote: “The thing is when I double clic on the certificate itself on the server, when I check the details, everything seems to be fine”

So, the certificate has been imported and visible?

What"s the certificate with thumbprint “0CC386F042E8763B775FC07DBB9CB1E1AA3BC0F3”, the self-signed exchange certificate?

Please check certificate store on the exchange server via MMC, see if certificate that you imported before exists in there. If yes, please remove it

Please use the cmdlets below to import certificate. If there"s any error or warning information, please post the output and also the related error event

Configure SSL Certificates to Use Multiple Client Access Server Host Names


Yves MG

Hi James-Luo,

No the certificate isn't imported, but I can open it.

Yes, the only certificate I have is the self-signed one.

I got the following example from the link you gave me:

Import-ExchangeCertificate -path <certificate_file_name>.cer -friendlyname " Contoso CAS01"

When I put for my example: Import-ExchangeCertificate -path webmail.cer -friendlyname " webmail" (from the folder where my certificate is, and I also tried the full path)

I get the following:

+ CategoryInfo : InvalidArgument: :)) [Import-ExchangeCertificate], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Import-ExchangeCertificate



If there is private key. You need to use credential, with correct password.

But I thing, that you need to complete certificate request, that"s why is popping up, that there is already certificate with thumbprint. Click on certificate, in Exchange management Console, than on the right side, use complete request.

Yves MG

I already tried to complet the request, but I think as I deleted everything and tried to request again, I have to buy a new certificate or?

However when I get certificate informations using get-exchangecertificate, i get 2 thumbprints:

Thumbprint Services
---------- ------
8FB0C6C8399A031D57E62F9246C27B7F5F095C7A ......
2B9383875487994DAA5FC0D9AF56F0046BC98F78 IP..S.

And when I try to complete request:

Error :
Unable to import, a existing certificate with thumbprint 52CC12807BDDE95A1386B7B7315B96B334DC2F54 already exists.



I have tested following :

Run in Exchange PowerShell : New-ExchangeCertificate &ndash;GenerateRequest &ndash;SubjectName &ldquo;&hellip;&hellip; end press Enter .

I get following Response :

Thumbprint Services Subject

---------- -------- -----
955F8A8EE66899BF21A4556D4402EA7437668D09 ..... C=TEST, O=ORG...

When i run Get-ExchangeCertificate :

Thumbprint Services Subject

---------- -------- -----
955F8A8EE66899BF21A4556D4402EA7437668D09 ..... C=TEST, O=ORG...

5A17AD4CF0832D9569A9F539B4D23CEBCEDD2246 ...WS CN=test-org,

4139609DEAA38ACD5AE36AA182FF05C8403EBA0F ....S CN=SRVHC01

A0341A1AC556F85FB1D40D5597A696164CCC85D3 IP..S

E9E2060829ADBB09BD5640AEDAA542EA4D29DC57 ....S CN=SRVHC01

So thumbprint is inside, but no services assigned.

Then i contact my local CA, and Submit a certificate request by using a bas 64&hellip;.past a text

Then i save certnew.cer file local on Exchange server.

Then i run flowing command : Import-ExchangeCertificate -path c:\certnew.cer

The response is different Thumbprint :

Thumbprint Services Subject

---------- -------- -----
7C0727C183A86ABB98269C2FBDAE458F750E6DAD ..... CN=TEST-ORG...

End if i run now Get-ExchangeCertificate

Origimnal Req Thumbprint 955F8A8EE66899BF21A4556D4402EA7437668D09 is replaced with 7C0727C183A86ABB98269C2FBDAE458F750E6DAD

So be sure to check colum Subject, you might already imported certificate, and you wrongly generate Certificate request ? Check local computer Certificate store with mmc. Look at System event log for Warning HttpEvent with ID : 15300 & 15301.

For more, i would have to go on your machine, to see what is wrong.


Besides the suggestion from MailStane, please also try to use the examples in this article if you confirmed that the certificate hasn"t been imported yet


Yves MG

Hi all,

Thanks for answers, I could get ride of this problem by regenerating a certificate.

I don't know how, the certificate I ordered from the CA was corrupted, I used the insurrance to regenerate it and could import it by using the exchange management console. Here is exactly what I did:

In the exchange management console, I did a new request and defined the fqdn for my request, and not a wilcard as specified by default, then got my request file, copied the content as CSR and finally got the right certificate from the public authority that I could import as well.

I think I made a mistake by copying or pasting, maybe some missing caracters.

The strange thing is I can't get the import cmdlet command work as it always tell me there is something wrong with the -path, however, as it worked with the console, everything is ok for me now.

Thanks again everybody for spending time on my case.



Glad you solved the issue

In this TechNet article for the &ldquo;Import-ExchangeCertificate&rdquo; cmdlet, there"s no &ldquo;Path&rdquo; parameter. The cmdlet needs to use &ldquo;FileData&rdquo; parameter for importing the files via EMS

MaliStane, you can use the &ldquo;Path&rdquo; parameter when attempting to import the certificate?

Not open for further replies.
Thread starter Similar threads Forum Replies Date
B Re: Upgrade windows server 2008 std R2 to Windows server 2008 Ent R2 with exchange 2010 Exchange Server Administration 1
S Unable to add nodes in windows server 2008 failover cluster Exchange Server Administration 2
A windows 2003 server with exchange2003 server migrate to windows 2008 std with exchange server 2010 Exchange Server Administration 1
J Migrate from SBS 2008 to Windows Server 2008 R2 (Exchange 2010) Exchange Server Administration 8
C Migrating Server Roles From Physical Windows Server 2008 to a virtual server Windows 2008 R2 Exchange Server Administration 2
C Change the port used by "Console for Exchange Server 2010" in IIS Windows Server 2008 R2 Exchange Server Administration 2
J Problems accessing console of Exchange 2010 on Windows Server 2008 R2 Please help me Exchange Server Administration 4
T Prerequisites softwares for installing exchange 2010 edge transport server on windows 2008 R2 Exchange Server Administration 1
S plz Help: i cant disable password complexity in Windows Server 2008 R2 Exchange Server Administration 5
I add the domains into AD Domains and Services windows server 2008 Exchange Server Administration 2
G windows Server 2008 R2 Backup ad Exchange 2010 Exchange Server Administration 4
R How to add/install Windows Server 2008 R2 and Ms Exchange 2010 User CALs Exchange Server Administration 1
S Online trainings on Exchange Server 2010/Windows Server 2008 Directory Services Exchange Server Administration 4
R Installation of Client Access role fails on Windows Server 2008 R2 (Execution of: "$error.Clear(); I Exchange Server Administration 15
J I use Windows XP with Microsoft Outlook 2003 and I cannot get int the Microsoft Exchange server. Using Outlook 1
A outlook 2010, windows 7, exchange server: "The action cannot be completed. The connection to Micro Using Outlook 1
C Outlook 2010 &amp; windows 7 - WILL NOT SAVE emails on the server. Using Outlook 1
S Outlook 14 lose contact with our exchange server 2010 after Windows 7 have been in power save mode. Using Outlook 2
R Single Mailbox Recovery with Windows Server Backup Exchange Server Administration 4
W Windows XP/Outlook 2003: Can I export my Outlook contact list to a web based email account at the server. How can I configure CSV format to comply wit Using Outlook 1
S Not able to establish Outlook on Windows server, office email, yahoo account Using Outlook 1
C windows server backup failing with ErrorCode 2155348041 Exchange Server Administration 2
S Lose Calendar When Inside Outook On Windows Server 2003 Using Outlook 2
B Windows Server Backup - Consistency Check fails Exchange Server Administration 6
J Microsoft outlook 2010 on windows 2003 Server. Using Outlook 1
A how to configure windows 2003 built in mail server (POP Server) coexistence with exchange server 2007/2010 Exchange Server Administration 7
T Windows Server Backup Error Exchange Server Administration 38
R Can I export/import emails from Windows Live Mail into Outlook 2007 (not on an exchange server)? Using Outlook 1
C Installing Exchange 2010 on Windows Server 2008R2 domain controller Exchange Server Administration 3
M Extending the schema from Windows Server 2003 R2 x64?? Exchange Server Administration 7
M Office 2010 will not load windows server 2003 Using Outlook 2
J Cannot connect Windows 7, Outlook 2007 to Exchange Server 2007 Using Outlook 6
S Installing Exchange Server 2010 on Windows 7 Exchange Server Administration 4
M Event in Windows Server R2 Domain controller after introducing into 2003 Domain Exchange Server Administration 2
M AFTER Security Update for Windows XP (KB2286198) I get contacting the server for information Using Outlook 4
T Re: Windows with Exchange Server hangs recently Exchange Server Administration 7
F Re: Windows with Exchange Server hangs recently Exchange Server Administration 1
A Re: Security alert when starting Outlook 2007 on Windows 7 - Exchange Server 2003 Using Outlook 5
I Exchange EMC Fails To Open After Uninstalling Windows Certificate Services on the Server Exchange Server Administration 4
A Re: Security alert when starting Outlook 2007 on Windows 7 - Exchange Server 2003 Using Outlook 1
V We just switched to windows exchange server for our emails. I used to automatic forward emails to a different account by adding it at my local machine Using Outlook 1
O LDAP issue using Windows 7 64-bit home premium and Office 2010 home and business issue (LDAP Server 2003 R2 Using Outlook 1
J windows 7 and Outlook 2007 can't connect to Verizon server Using Outlook 3
C Exchange backup failing Windows Server Backup Exchange Server Administration 12
R Windows Server Backup for Exchange Server 2010 + Symantec backup Exec 12.5 Exchange Server Administration 4
J Exchange 2010 and Windows server backup hanging Exchange Server Administration 20
J Windows Server Backup fails if not all databases are active on the same DAG member server Exchange Server Administration 4
D Setting up Shared Database on Windows 2003 Server - File Server BCM (Business Contact Manager) 2
B iCloud for Windows 11.2 disconnects by itself after 30-45 minutes Using Outlook 9
Similar threads