Exchange server – Renewed SSL cert has no private key

Posted: July 23, 2021 in Exchange

The Exchange server's SSL certificate was about to expire, so I created a certificate request in the Exchange control panel.

After creating the certificate request, purchasing the new cert and importing it, I was still seeing “Pending request” instead of the new certificate.

The cert was installed in the Local Machine personal store, but without a private key (missing “key” icon).

Obtained the SSL cert serial number.

Created a new private key for the SSL certificate:

certutil -repairstore my "4efaf9cf77fe59a448506e8a92a2b941"

Also noted that the cert had no friendly name, so I had to create it too.

Get the cert thumbprint:

(Get-ChildItem -Path Cert:\LocalMachine\My\<The thumbprint of your certificate>).FriendlyName = 'exchange.example.com'

(Get-ChildItem -Path Cert:\LocalMachine\My\e3c38169c22034de908e59c86171aa23c6ad01cc).FriendlyName = 'exchange.example.com'

After refreshing the Exchange control panel, the certificate finally appeared, with its friendly name. What was left was to activate the new cert:

Enable-ExchangeCertificate -Thumbprint e3c38169c22034de908e59c86171aa23c6ad01cc -Services "IIS, SMTP, POP, IMAP"

Now delete the old certificate. After testing access to https://exchange.example.com/owa, I still saw the old cert in the web browser and had to restart the IIS service to see the new certificate.
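
A read-only check of the store state described in the steps above, as an added example that is not part of the original post: it lists the matching certificates in the Local Machine personal store with the serial number and thumbprint the commands need, and flags a missing private key or friendly name. The function name Get-CertKeyStatus is hypothetical, and the host name is the one used on this page.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session on the Exchange server. It only reads the store and changes nothing.
function Get-CertKeyStatus {
    param(
        # Host name used on this page; replace with your own.
        [string]$DnsName   = 'exchange.example.com',
        [string]$StorePath = 'Cert:\LocalMachine\My'
    )

    Get-ChildItem -Path $StorePath |
        Where-Object {
            $_.Subject -like "*$DnsName*" -or
            $_.DnsNameList.Unicode -contains $DnsName
        } |
        Sort-Object NotAfter -Descending |
        ForEach-Object {
            [pscustomobject]@{
                Subject       = $_.Subject
                SerialNumber  = $_.SerialNumber   # argument for certutil -repairstore
                Thumbprint    = $_.Thumbprint     # argument for Enable-ExchangeCertificate
                FriendlyName  = $_.FriendlyName
                NotAfter      = $_.NotAfter
                HasPrivateKey = $_.HasPrivateKey  # False = no "key" icon in the MMC snap-in
                NeedsName     = [string]::IsNullOrWhiteSpace($_.FriendlyName)
            }
        }
}

$status = Get-CertKeyStatus
$status | Format-Table SerialNumber, Thumbprint, HasPrivateKey, FriendlyName, NotAfter -AutoSize

# Point out which step of the procedure each certificate still needs.
foreach ($cert in $status) {
    if (-not $cert.HasPrivateKey) {
        Write-Warning "No private key: certutil -repairstore my `"$($cert.SerialNumber)`""
    }
    if ($cert.NeedsName) {
        Write-Warning "No friendly name on $($cert.Thumbprint)"
    }
    if ($cert.NotAfter -lt (Get-Date)) {
        Write-Warning "Expired on $($cert.NotAfter): $($cert.Thumbprint)"
    }
}
```

Running it again after the certutil step should show HasPrivateKey as True for the renewed certificate before it is enabled for any service.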
