Tuesday, May 28, 2013

Renewing an Exchange 2010 Certificate from Go Daddy

When you use the Exchange Management Console for Exchange Server 2010 to generate a certificate renewal request, the format used is not compatible with Go Daddy. The EMC provides some sort of binary request. Go Daddy expects a standard text-based renewal request.

You can use this process instead:
  1. Perform the certificate renewal on the Go Daddy web site and select the option to  reuse the existing CSR. If you do this then you do not need the renewal request from Exchange.
  2. Download the approved certificate in zip format and extact it to obtain the .crt file.
  3. Use IIS Manager (at the server node) to complete a certificate request. Provide the .crt file and a friendly name that you recognize. Note that .crt files are not displayed by default when browsing for the file.
  4. Use the Exchange Management Console to assign services to your renewed certificate.
And my best recommendation for avoiding this process is using multi-year certificates. And remember to use the discount codes in the Go Daddy spam messages. Typically you can get about 20% off.

2 comments:

  1. Fantastic post, this helped bundles.

    ReplyDelete
  2. Thanks a lot!

    Shame on Go Daddy support. They told me:

    1. Just apply. I told them that I have renew CSR. How to apply? It's not accepting.

    2. Then, they told me that they don't know about every messaging system. What they mean that they don't

    know the most famous messaging system in the world?

    3. Then, they told me to apply new CSR. I have about 200 domains and all domains are not under my control.

    So, I had to wait for all domain owners to add TXT record to authorize for certificate.

    4. Then, they told me to do nothing. The certificate will auto renew. At this moment, I was very angry and

    found this website.

    Thanks a lot!

    ReplyDelete