How to configure SSL for Exchange Server 2007

12.May.2012 | by Prem Rana | Filed in: Articles, MS Exchange

Below are the steps to configure SSL for Exchange server 2007 1. Open EMS and type the below command to generate certificate request in shell. New-ExchangeCertificate -GenerateRequest -SubjectName "dc=com,dc=winplat,o=Article," -domainname,, SMTP.Winplat.Com, CAS01.Winplat.Com, CAS02.Winplat.Com, -FriendlyName "Microsoft Exchange 2007" -KeySize 1024 -PrivateKeyExportable $true -Path c:\owacert.txt 2. Open URL http://certificate server name/certsrv Click on the task Request a certificate 3. Click submit an advanced certificate request 4. Click Create and submit a request to this CA 5. Keep the next page open and browse and Open the cert request in notepad previously generated in shell in step 1. 6. Copy the notepad text and paste it in the Saved Request text box on the configuration page and click submit 7. Click on download certificate 8. User Powershell command to import the certificate. Here is the command: Import-ExchangeCertificate -Path <Path of the Certificate File> 9. Use Powershell to enable this certificate for IIS and SMTP services. Below is the command: Enable-ExchangeCertificate –Thumbprint “AAAAAAAAAAAAAAAAAAAAAAAAAA” –Services IIS,SMTP 10. PowerShell command to enable this certificate for POP and IMAP services: Enable-ExchangeCertificate –Thumbprint “AAAAAAAAAAAAAAAAAAAAAAAAAA” –Services IIS,SMTP

Fixing Crypt32 Event ID 8: Failed auto update retrieval of third-party root list

8.Feb.2011 | by Gusac | Filed in: Articles, Troubleshoot

The application log can be filled with Crypt32 error if Windows is unable to download and update the trusted root certificates due to connection issue. The event id looks like: Event Type: ErrorEvent Source: crypt32Event Category: NoneEvent ID: 8Date: dateTime: timeUser: user nameComputer: computer nameDescription:Failed auto update retrieval of third-party root list sequence number from: with error: This operation returned because the timeout period expired.For more information, see Help and Support Center at Cause: In my case, the cause was incorrect proxy server configuration due to which WinHTTP could not go onto the internet. Solution: We would need the utility ProxyCfg to configure proxy configuration for WinHTTP services. This is an inbuilt tool on Windows 2003 server. Use this tool to configure proxy server setting:   ProxyCfg -p <ProxyServer:PORT> This would configure WinHTTP server to go through my Web proxy ‘MyServer’ on port 80 If you already have IE configured with Proxy server configuraiton, you can copy those settings for WinHTTP by using the command: ProxyCfg -u The above command will simply download Internet Explorer’s Proxy configuration for WinHTTP. For Windows 2008 and later, we do no have Proxycfg utility. We need to use Netsh WinHTTP command. For displaying the current setting: Netsh WinHTTP Show Proxy For configuring Proxy server: Netsh WinHTTP Set Proxy <Servername:80>