Godaddy certificate still says 'Pending' after install on Exchange 2013

BCL 831 Reputation points
2021-05-16T14:42:13.067+00:00

So I'm in the process of migrating from 2013 to 2019 Exchange.
Time to do the certs. I added the new 2019Ex server to my godaddy cert. Waited for the changes to take place, then downloaded and installed the new cert.
However in Exchange it still displays as pending. When I tried to install the new cert a 2nd time, it displayed the error that, that thumbprint was already on the server.

What gives?
What happened and what should be my next steps?
Thanks. B

Exchange | Exchange Server | Management
0 comments No comments
{count} votes

Accepted answer
  1. BCL 831 Reputation points
    2021-05-17T14:00:03.753+00:00

    So this is basically how I resolved my issue.
    I did a repair on the cert.

    When I tried to install the cert via the EAC, I saw what I mentioned in my original question.
    So I tried to install via the management shell. Then I saw an error that said the private key was missing.
    Then after some reading on line I saw where some others experienced the exact same thing and what they suggested was to do a repair on the cert.
    certutil -repairstore my "Serial number of cert"
    After I did the repair, I did an enable on the cert:
    Enable-ExchangeCertificate -Server ‘EXCHANGESERVER’ -Services ‘IMAP, POP, IIS, SMTP’ -Thumbprint "Actual thumbprint of new cert"

    That did it. New cert was installed, enabled and working.
    Done.

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Kael Yao 37,746 Reputation points Moderator
    2021-05-17T06:10:43.703+00:00

    Hi @BCL

    Are you trying to install the cert on Exchange 2013?
    If so, would you share the detailed steps with us?

    If you would like to add SAN to the certs, the general steps should be:

    1. create new certificate signing request(csr) and contain the Exchange 2019 server name in it via EAC
    2. submit the request to the CA (godaddy)
    3. download the new certificate and complete the pending certificate request
    4. once the request is completed and the status shows valid, you may edit the certificate to assign services to it

    Here are several links for your reference:
    Create an Exchange Server certificate request for a certification authority
    Complete a pending Exchange Server certificate request
    Assign certificates to Exchange Server services


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.