Question : Replacing SSL certificate for OWA

Hi,

Got another unusual problem.  We currently have a up and running OWA using a certificate from our own inbuilt CA.  I'm rebuilding the CA so want to get rid of this certificate and have obtained a wildcard certificate for our domain.

When I replace the certificate it all appears to work fine.  No errors in the IIS logs or event viewer or anything.  But when I replace it and try to connect from a client, IE displays the message "This page cannot be displayed" (the message that you get when there is no website).

I replace it back with the old certificate and it all works again.  I would think if there was a problem with the certificate IE would say there was, not just put up a blank page.

Any ideas on what might be happening?  Can OWA accept wildcard certificates?

Answer : Replacing SSL certificate for OWA

After you install the certificate. Go to the properties of Default Web Site in IIIS and directory security tab, select view certificate and see if the certificate has a statement in the bottom mentioning "You have a Private Key that correnponds to this certificate". If this statement is missing for the certificate you have installed on the default web site then that certificate is as good as dead. This could be because of 2 reasons:
1. The Certificate Store was not able to get the private key for the certificate, to resolve the same you would have to run a command in the command prompt.
   Certutil -repairstore my "Serial number of the certificate" (The serial number of the certificate can be found on the details tab of the certificate once you view it from Default Web Site)
Reference : http://support.microsoft.com/kb/889651

2. The vendor who issued you the certificate missed the Private Key, in this case you would have to contact the vendor and have him re-issue the certificate.

Imran