locked
how do I remove and replace the existing certificate in OCS 2007 it won't start services [0xC3EC79E6] error RRS feed

  • Question

  • Ia am using 2008x64 server stand alone, testing lab. Getting DNS from the university network, and CA from a 2003 server.

    I want to change (delete or renew) the certificate, but it doen't update in the step3 of the Deployment wizard.

    Any help is apretiated.

    I read in other posts avout using the OCS conole, but I don't know you to access, it won't start the services.

    Thanks,

    Pedro33
    Tuesday, March 24, 2009 2:21 PM

Answers

  • I loaded the Management console, I was able to delete the certificate, but I still had the same problem with OCS not accepting the certificate from the server.

     

    What I did was to run/mmc. After console1 opened and added the Certificate using  “Add/Remove Snap-in”, I manually installed the certificate into the Personal and the Trusted Root Certification Authority folders.

     

    It worked! it allowed me to finish the installation and to connect some clients to it.

     

    For the clients I had to do the same thing: Run mmc and manually install the certificate.

     

    When I tried to get a certificate for a Vista client, my 2003 internal CA complained about a missing patch. Because of that, Vista or 2008 server would not work!!


    I installed the
    Update for Windows Server 2003 (KB922706)

     

    http://www.microsoft.com/downloads/details.aspx?FamilyId=FFAEC8B2-99E0-427A-8110-2F745059A02D&displaylang=en

     

    Then every thing worked!! This time I run the OCS Management Console, and reinstalled the certificate.

     

    For the clients, because it is an internal CA I had to use ie and ask for the CA root chain.

     

    • Marked as answer by Pedro33 Monday, May 11, 2009 7:00 PM
    Monday, May 11, 2009 7:00 PM

All replies

  • Assuming you are using R2 you'll need to install the management console separatly:
    http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=54

    You can then go to the Front-End Properties on the server object in the tree and use the Certificates tab to delete and select an new certificate.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Wednesday, March 25, 2009 12:06 PM
    Moderator
  • I loaded the Management console, I was able to delete the certificate, but I still had the same problem with OCS not accepting the certificate from the server.

     

    What I did was to run/mmc. After console1 opened and added the Certificate using  “Add/Remove Snap-in”, I manually installed the certificate into the Personal and the Trusted Root Certification Authority folders.

     

    It worked! it allowed me to finish the installation and to connect some clients to it.

     

    For the clients I had to do the same thing: Run mmc and manually install the certificate.

     

    When I tried to get a certificate for a Vista client, my 2003 internal CA complained about a missing patch. Because of that, Vista or 2008 server would not work!!


    I installed the
    Update for Windows Server 2003 (KB922706)

     

    http://www.microsoft.com/downloads/details.aspx?FamilyId=FFAEC8B2-99E0-427A-8110-2F745059A02D&displaylang=en

     

    Then every thing worked!! This time I run the OCS Management Console, and reinstalled the certificate.

     

    For the clients, because it is an internal CA I had to use ie and ask for the CA root chain.

     

    • Marked as answer by Pedro33 Monday, May 11, 2009 7:00 PM
    Monday, May 11, 2009 7:00 PM