Hello all,
I am currently setting up an Exchange Server & Outlook for a website and have been trying to install a certificate for Domain Validation.
I opened the Exchange Server Powershell and imported it with Import-ExchangeCertificate -Server "<ServerName>" -FileData ([System.IO.File]::ReadAllBytes('C:\Certificates\groupname.p7c')) -PrivateKeyExportable:$true -Password (ConvertTo-SecureString -String '<password>' -AsPlainText -Force)
,
then attempted to enable it with Enable-ExchangeCertificate -Server "<ServerName>" -Thumbprint <XXXXXXXXXXXXXXXXXXXXX> -Services SMTP,IMAP,IIS
and got back this error:
A special Rpc error occurs on server SERVERNAME: The certificate with thumbprint XXXXXXXXXXXXXXXXXXXXX was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing). + CategoryInfo : NotSpecified: (:) [Enable-ExchangeCertificate], InvalidOperationException + FullyQualifiedErrorId : [Server=<SERVER-NAME>,RequestId=d09d4e8e-b66e-4235-9aef-998de9bc86ab,TimeStamp=9/11/2022 9: 20:12 PM] [FailureCategory=Cmdlet-InvalidOperationException] DA6D9EA1,Microsoft.Exchange.Management.SystemConfigur ationTasks.EnableExchangeCertificate + PSComputerName : <servername.website_address>
For reference, I attempted to follow the instructions at website 0000251, and while using the command certutil -repairstore my “SerialNumber”
in the command prompt a Windows Security tab popped up "Select a smart card device, connect a smart card."
Do I need a smart card to fix my certificate? I understand that an admin usually uses a smart card for the certutil
command. Is there any other way I can fix the above issue PrivateKeyMissing
? Thank you.