Importing and enabling an SSL certificate for Microsoft Exchange has evolved from earlier versions of Microsoft Exchange. Previously you would need to use IIS MMC console to initiate the certificate request. If your mail server is usually a hosted exchange solution then you definately this article will ‘t be necessary since this is taken care of for the hosting end. In this article I will provided 3 simple steps to accomplish this task:
Request the Exchange 2007 certificate
Requesting the certificate has a lengthily powershell command, one incorrect character or typo may prompt an irritating error. The best way to do that is to use this Exchange Certificate Request Generating tool bought at digicert.com/easy-csr/exchange2007.htm.
Here is definitely an example with the command you must receive:
New-ExchangeCertificate -GenerateRequest -Path c:\mail_mybusinessdomain_com.csr -KeySize 2048 -SubjectName “c=GB, s=london, l=london, o=my business, cn=mail.mybusinessdomain.com” -DomainName autodiscover.mybusinessdomain.com, mybusinessdomain.com -PrivateKeyExportable $True.
In the example shown over the common name (CN) are going to be mail.mybusinessdomain.com. autodiscover.mybusinessdomain.com and mybusinessdomain.comwill be alternative subject names also valid within the certificate once issued. We use multi-named certificates in order to meet the autodiscover recommendations for Exchange 2007, but although is another article by itself.
Now what you must do is copy the shell command the exchange certificate request generator generated then paste it to a powershell command prompt in your Exchange server (should you use Server 2008 be sure you run right click > Run as administrator). Once this really is complete you may locate the file within the root of your C:\ drive (within our example the file name will likely be c:\mail_mybusinessdomain_com.csr).
Open this file (c:\mail_mybusinessdomain_com.csr) in notepad and copy the full content from the encrypted text such as -start- and -finish- lines.
Now go on and login in your control panel from the certificate authority you obtain SSL certificate from (e.g. godaddy, Verisign etc) and paste that encrypted text as advised above when instructed by the CA.