Friday, while building a new lab to use while writing a chapter for our new Microsoft Teams book, I went through the normal process in Exchange to request a certificate and apply it. Easy peasy normally, right?
It should have been. I was able to quickly resolve it, but I thought I’d share my quick tale of woe.
After building my oh-so-vanilla Exchange server (I believe the technical term is Next, Next, Finish), I was feeling particularly lazy and went through the Exchange Admin Center to request a certificate. I plopped in my details, and then took the text of the resulting CSR and pasted it into Digicert’s tool.
For the record, I requested a wildcard cert from Digicert (*.advancedmsteams.com, if you must know).
Anyway, a few minutes later, I received an email notifying me of my certificate’s completion. I proceeded to log into the Digicert web portal and downloaded the file, saving it to my newly-minted Exchange server.
I navigated back to the EAC and browsed to the cert. And then, this:
A special Rpc error occurs on server [servername]: The source data is corrupted or not properly Base64 encoded.
Seems like a good time to invoke Wanda:
Don’t worry. I figured it out. And you can, too.
As it turns out, I had downloaded the completed certificate in the .PEM format, including all certificates in the chain.
So, at this point, there were two possible solutions:
- Go back to Digicert and download it in a different format (obviously, the easier solution, but we’re in technology, and everyone knows that’s not how we roll)
- Edit the PEM file
In my case, I just deleted the last two certificates (everything from the second —–BEGIN CERTIFICATE—– line down), saved, and retried the import. Viola!
Note: if your server doesn’t already trust the issuing certificate authorities, you may want to go back and download a certificate bundle that has them all and import it.
Until next time,