0

I'm having a bit of problem. I've went and registered new certificate for my domain mail.company.com at StartCom. This is free one year certificate. I've created it from scratch on website and haven't used IIS to generate request. Now the problem is if i install the generated certificate I get error message when i use SSLDiag to verify the certificate (since OWA doesn't work): "#WARNING: You DON'T have a private key that corresponds to this certificate".

So how do I make it install with private key. I do have private key and password for it (it was generated for me on website) just it's simple .key file. The ssl.crt when imported to machine thru MMC Computer Certificates cna be used in IIS but the error is as above.

MadBoy
  • 3,835

2 Answers2

1

You could use OpenSSL to combine the cert and key into a PFX file.

Command would be something like: openssl pkcs12 -export -out mycert.pfx -in mycert.cert -inkey mykey.key

phoebus
  • 8,430
0

It might be possible, but it will be much easier and more supportable if you generate a CSR from IIS on the Exchange Server and then use that to create a new certificate.

Most Certificate Vendors will allow you to revoke a key and replace it with a new one that has the same expiry date, without incurring extra charges.

Unless you have a very good reason to do otherwise, I recommend starting over.

dunxd
  • 9,874