IIS 5 & IIS 6
IIS6 SMTP virtual server cant find certificate.
Last post Oct 14, 2020 08:31 AM by Jalpa Panchal
Sep 30, 2020 10:17 AM|J01100001CK|LINK
I am trying to enable TLS email encryption on an SMTP virtual server through the IIS6 manager. It states "TLS is not available without a certificate" under Properties > Access > Secure communication .
I have three other servers using the same certificate and they find it no problem, stating "A TLS certificate is found with the expiration date: 21/09/2021" instead of the above message.
I have checked the personal certificates store and it contains a valid certificate with private key that matches the FQDN of the SMTP server:
FQDN = foo-staging.ad.foo.com
Certificate issued to = *.foo.com
I have also uninstalled and reinstalled the windows features SMTP server and Web Server (IIS) and reimported the certificate but none of this helped.
Is there any way to find out why the SMTP server cant find the certificate or to manually select the certificate instead?
Oct 01, 2020 02:35 AM|Jalpa Panchal|LINK
If you would like to generate the certificate on your Windows Server, you need to install the Active Directory Certificate Services via adding the roles.
1)Setting Up an Enterprise Root CA
2)Installing the Online Responder
3)Configuring the CA to Issue OCSP Response Signing Certificates
4)Creating a Revocation Configuration
5)Verifying that the AD CS Lab Setup Functions Properly
you could refer below link for more detailed steps:
Active Directory Certificate Services Step-by-Step Guide
Securing SMTP Virtual Servers
Oct 01, 2020 08:08 AM|J01100001CK|LINK
I already have the certificate I need to use. The issue is that the SMTP virtual server isn't finding it.
The other 3 servers I mentioned work fine with the cert, so I am looking for a way to find out more information about why this particular server fails to find it.
I should have mentioned that the server has Windows Server 2016 Standard installed, so I don't think either of those links apply.
Oct 14, 2020 08:27 AM|Jalpa Panchal|LINK
under which account your SMTP server is running? try to install your certificate under the trusted root certificate store.
Oct 14, 2020 08:29 AM|J01100001CK|LINK
The certificate is installed in the correct location.
I managed to solve this issue by deleting the site in IIS7, the certificate then appeared in IIS6 and I then remade the site.
Oct 14, 2020 08:31 AM|Jalpa Panchal|LINK
i am glad that your issue is resolved. If your issue is solved then I request you to mark the helpful suggestion as an answer. This will help other people who face the same issue.
Thanks for your understanding.