Wednesday , April 24 2019

How to Export a Self signed Server Certificate and Import it on a another Server in Windows server 2008 R2

If you are doing to a Cross forest move between two Exchange 2010 Forests

In order to authenticate between Exchange 2010 forests – using a Self Signed Certificate

Will be Exporting the Target Exchange Server Certificate and import it on the Source Exchange Server

Vice Versa

Will be Exporting the source Exchange Server Certificate and import it on the Target Exchange Server

Its Pretty simple

Am Running this on the Source Server

image

Start – Run – MMC – Click on Add/Remove Snap in

image

Add Certificates

image

Choose Computer Account

image

Choose Local Computer

image

image

Click OK

Now being in the Source Exchange Server,

Am Exporting the Certificate from the Certificates Container

image

image

Click Next

image

Choose Next

image

image

image

Now Getting the Source Exchange Server Cert file to the Target Exchange Server

Start – Run – MMC – Click on Add/Remove Snap in

image

Add Certificates

image

Choose Computer Account

image

Choose Local Computer

image

image

Right Click on Certificates – All Tasks – Import

image

Choose the File

image

Choose Trusted Root Certification

image

Do the Same Process And Import to Certificates on the Personal Container

Now Source Cert has been Exported and imported to the Target Exchange Server

Now

Do the Same Process vice versa

Export the Target Exchange Cert and imported to the Source Exchange Server

Now Both Exchange 2010 forests can authenticate without any issues , While a cross forest move

 

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Exchange Server MVP , Publisher of CareExchange.in
Supporting/Deploying/Designing Microsoft Exchange for some years.
Extensive experience on Microsoft Technologies.

Check Also

Moving Mailboxes from Child domain to root domain.

In my Scenario _ Root Domain – A.com Child Domain – B.com – Customer wants ...

5 comments

  1. Worked perfectly! Thanks for your post

  2. I have imported the self-signed certs between all CAS servers in each org, and still get the error-

    new-MoveRequest : The call to ‘https://irv-edc-cas04.corp.mycompany.com/EWS/mrsproxy.svc’ failed. Error details: Could not establish trust relationship for the
    SSL/TLS secure channel with authority ‘irv-edc-cas04.corp.mycompany.com’. –> The underlying connection was closed: Could not establish trust relationship for the
    SSL/TLS secure channel. –> The remote certificate is invalid according to the validation procedure..

    Any thing I can check to verify? I am already running the new-moverequest cmdlet in verbose mode.

  3. Exactly what I needed, thanks!

Leave a Reply

Your email address will not be published.