I installed the following certificates below but I keep getting “The Certificate is Invalid for Exchange Server Usage” Error in Exchange 2010 Console. I used the wizard to complete pending request. I also impoted the certificates below using MMC>Certicates>*>Import
Root: AddTrustExternalCARoot.crt
Intermediate 1: UTNAddTrustSGCCA.crt
Intermediate 2: ComodoUTNSGCCA.crt
Intermediate 3: EssentialSSLCA_2.crt
Exchange 2010 does not like the EssentialSSL hierarchy for some reason whereas Exchange 2007 had no issue with it. We recommend that for Exchange 2010 that customers use the Unified Communications certificate from our InstantSSL.com page.
I always had the exact same problem in Exchange 2007, and the official response I got from Comodo support was “Don’t use the EssentialSSL hierarchy for Exchange”.
As Sal states, you won’t have this issue with a UC cert. The InstantSSL certificates are also fine with Exchange, and significantly cheaper.
I really wish Comodo would more actively warn people about this. It’s fine to say “we only officially support UC Certs with Exchange” but it’s all SSL, there should be an expectation it all “just works”.
I actually logged a paid Microsoft ticket about this a few years back, and their view was that every EssentialSSL certificate I could find is “broken, contact your supplier”.