|
exchange
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
SAN Certificate on NLBC CAS NodesI have requested for SAN certificate renewal and i have generated request
using new-ExchangeCertificate command and sent csr file to thirdparty party. when i will receive certificate, i will import and enabl certificate on the node from which i generated request using Import-ExchangeCertificate and lateron Enable-ExchangeCertificate On Second node of NLBC, do i need to repeat same process to import certificate, enable certificate using same command or process will be different. regards On Fri, 20 Feb 2009 11:59:02 -0800, Syed.Aleem.Uddin
<SyedAleemUd***@discussions.microsoft.com> wrote: >I have requested for SAN certificate renewal and i have generated request Export the cert from the first server and then repeat the process on>using new-ExchangeCertificate command and sent csr file to thirdparty party. >when i will receive certificate, i will import and enabl certificate on the >node from which i generated request using Import-ExchangeCertificate and >lateron Enable-ExchangeCertificate >On Second node of NLBC, do i need to repeat same process to import >certificate, enable certificate using same command or process will be >different. > >regards the 2nd in the NLB. When you created the original request in Powershell, did you make it private key exportable? (the PrivateKeyExportable set to true allows this) On Fri, 20 Feb 2009 16:23:07 -0500, Andy David {MVP}
<ada***@pleasekeepinngcheesebucket.com> wrote: Show quoteHide quote >On Fri, 20 Feb 2009 11:59:02 -0800, Syed.Aleem.Uddin Oh and by repeat the process, I mean the importing, then enabling of><SyedAleemUd***@discussions.microsoft.com> wrote: > >>I have requested for SAN certificate renewal and i have generated request >>using new-ExchangeCertificate command and sent csr file to thirdparty party. >>when i will receive certificate, i will import and enabl certificate on the >>node from which i generated request using Import-ExchangeCertificate and >>lateron Enable-ExchangeCertificate >>On Second node of NLBC, do i need to repeat same process to import >>certificate, enable certificate using same command or process will be >>different. >> >>regards > > >Export the cert from the first server and then repeat the process on >the 2nd in the NLB. When you created the original request in >Powershell, did you make it private key exportable? (the >PrivateKeyExportable set to true allows this) > > course. well man...i used DigiCert website to generate CSR file ....does it allows to
set privatekeyexportable to true as the website does not bear infor. about privatekeyexportable option on their website... In case, it does not support then what does it mean..my more than 600US$ san certificate will be useless for second NLBC NODE.??????!!!!!! Show quoteHide quote "Andy David {MVP}" wrote: > On Fri, 20 Feb 2009 11:59:02 -0800, Syed.Aleem.Uddin > <SyedAleemUd***@discussions.microsoft.com> wrote: > > >I have requested for SAN certificate renewal and i have generated request > >using new-ExchangeCertificate command and sent csr file to thirdparty party. > >when i will receive certificate, i will import and enabl certificate on the > >node from which i generated request using Import-ExchangeCertificate and > >lateron Enable-ExchangeCertificate > >On Second node of NLBC, do i need to repeat same process to import > >certificate, enable certificate using same command or process will be > >different. > > > >regards > > > Export the cert from the first server and then repeat the process on > the 2nd in the NLB. When you created the original request in > Powershell, did you make it private key exportable? (the > PrivateKeyExportable set to true allows this) > > > > On Sun, 22 Feb 2009 04:39:01 -0800, Syed.Aleem.Uddin
<SyedAleemUd***@discussions.microsoft.com> wrote: >well man...i used DigiCert website to generate CSR file ....does it allows to Actually, you used Exchange and powershell to generate the certificate>set privatekeyexportable to true as the website does not bear infor. about >privatekeyexportable option on their website... >In case, it does not support then what does it mean..my more than 600US$ san >certificate will be useless for second NLBC NODE.??????!!!!!! > > > request when you issued the new-exchangecertificate command. Thats where you need tell it to make the private key exportable. If it doesnt work on the 2nd CAS, then ask Digicert for help and tell them you need to re-request for the same certificate. Show quoteHide quote > > > > >"Andy David {MVP}" wrote: > >> On Fri, 20 Feb 2009 11:59:02 -0800, Syed.Aleem.Uddin >> <SyedAleemUd***@discussions.microsoft.com> wrote: >> >> >I have requested for SAN certificate renewal and i have generated request >> >using new-ExchangeCertificate command and sent csr file to thirdparty party. >> >when i will receive certificate, i will import and enabl certificate on the >> >node from which i generated request using Import-ExchangeCertificate and >> >lateron Enable-ExchangeCertificate >> >On Second node of NLBC, do i need to repeat same process to import >> >certificate, enable certificate using same command or process will be >> >different. >> > >> >regards >> >> >> Export the cert from the first server and then repeat the process on >> the 2nd in the NLB. When you created the original request in >> Powershell, did you make it private key exportable? (the >> PrivateKeyExportable set to true allows this) >> >> >> >> If you didn't get the option to make it exportable, just go back to the
vendor and tell them that you made a mistake in the request process. They will not penalize you for this. They will let you resubmit the request, as long as the domain names are the same as in the original request. Deji Show quoteHide quote "Syed.Aleem.Uddin" <SyedAleemUd***@discussions.microsoft.com> wrote in message news:124BAC0F-F16F-491E-A011-A3BAB32BE9BE@microsoft.com... > well man...i used DigiCert website to generate CSR file ....does it allows > to > set privatekeyexportable to true as the website does not bear infor. about > privatekeyexportable option on their website... > In case, it does not support then what does it mean..my more than 600US$ > san > certificate will be useless for second NLBC NODE.??????!!!!!! > > > > > > > > "Andy David {MVP}" wrote: > >> On Fri, 20 Feb 2009 11:59:02 -0800, Syed.Aleem.Uddin >> <SyedAleemUd***@discussions.microsoft.com> wrote: >> >> >I have requested for SAN certificate renewal and i have generated >> >request >> >using new-ExchangeCertificate command and sent csr file to thirdparty >> >party. >> >when i will receive certificate, i will import and enabl certificate on >> >the >> >node from which i generated request using Import-ExchangeCertificate and >> >lateron Enable-ExchangeCertificate >> >On Second node of NLBC, do i need to repeat same process to import >> >certificate, enable certificate using same command or process will be >> >different. >> > >> >regards >> >> >> Export the cert from the first server and then repeat the process on >> the 2nd in the NLB. When you created the original request in >> Powershell, did you make it private key exportable? (the >> PrivateKeyExportable set to true allows this) >> >> >> >>  
Thread options
Other interesting topics
Multiple Domain Routing - Exchange 2003
Outlook 07: Rule only working sporadically Missing emails when using Outlook Web Access Exchange Routing Synchronization Error Can one Exchange host more than one domain? Licensing for Exchange 2003 Update Rollup 6 for Exchange 2007 SP1 - Error Installing Sending emails to Distributions list sometimes doesn't get deliver Event id 2030 RUS Exchange 2007 |
|||||||||||||||||||||||
