How to request an Exchange Certificate

Posted on Updated on

1. In Exchange 2010, under Server Configuration, right-click on the server and select ‘New Exchange Certificate’.

2. Enter the friendly name for the new cert

3. Under Client Access server, enter the domain name for under ‘Outlook Web App is on the internet (for activesync – enter the <web internet address> ex.  webmail.domain.org)

4. Enter OU information and select a location where you wanted to save the request file

5. Once completed, open the URL for the CERT server http://servername/certsrv

6. Select ‘Request a certificate’ under the task

7. Select ‘Submit a certificate request using a base-64-encoding

8. Open the request file you saved previously using a notepad and copy and paste the info in the certificate request window

9. Select ‘Web Server’ as Certificate Template and hit submit

10. Save the new cert then go back to the Exchange server and complete the request by point the request to the new cert

IMPORTANT: Open MMC Certificate and make sure there are no certificates that are self-signed. Delete any expired certificates if you can to avoid conflict.

To add a cert with alternate subjects:

1. Open MMC Certificate

2. Under Personal Cert, request for a new cert and select Computer Account

3. Select ‘Web Server’ and under Subject, Alternative Name, select DNS and add the alternate DNS names for the web server

4. Under the Private Key tab, expand Key Options and check ‘Make private key exportable’ and hit Apply

5. Once the certificate is generated, go back to MMC and assign appropriate roles for the certificate

6. Also, do not forget to import the same certificate to Trusted Root

Advertisements

2 thoughts on “How to request an Exchange Certificate

    Fiona said:
    August 14, 2014 at 3:13 am

    Spot on with this write-up, I actually feel this
    web site needs a lot more attention. I’ll
    probably be back again to read through more, thanks for the information!

      Glen responded:
      August 18, 2014 at 8:29 pm

      Thank you Fiona. I am glad I could help. Most of the posts I have in this site are things that I have done or applied my self. Thanks again for visiting my site, and watch out for future posts.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s