SSL certificates – Prepare a 3rd party SSL certificate for Exchange 2010

Certificates, Exchange, mail, Uncategorized, Windows Servers One comment

Problem
You need to generate a CSR and install 3rd party certificate on Exchange 2010

 

Solution

Start the Exchange Management Console by going to Start > Programs > Microsoft Exchange 2010 > Exchange Management Console.

Click the link to “Manage Databases.”
myite-ex-01

Select “Server Configuration” in the menu on the left, and then “New Exchange Certificate” from the actions menu on the right.
myite-ex-02

myite-ex-03

When prompted for a friendly name, enter a name by which you will remember this certificate in the future.
myite-ex-04

This name is not an integral part of your certificate request.

Under Domain Scope, you can check the box if you will be generating the CSR for a wildcard. Otherwise, just go to the next screen.
myite-ex-05

If you do select that box for a wildcard, skip to entering Organization information.

In the Exchange Configuration menu, select the services which you plan on running securely, and enter the names through which you connect to those services, as prompted.
myite-ex-06

At the next screen, you will be able to review a list of the names which Exchange 2010 suggests you include in your certificate request.
myite-ex-07-1

Your Organization should be the full legal name of your company.
myite-ex-08

Your Organization unit is your department within the organization.

If you do not have a state/province, enter the city information again.

Click “Browse” to save the CSR to your computer as a .req file, then Save, then Next.
myite-ex-09

Click New, and then Finish
myite-ex-10

Review the CSR using notepad. Copy the body of this file into your 3rdparty certificate site and enter your domain you are generating the certificate for e.g. mail.mycompany.com

Once you have completed the online process download your certificate bundle.

If there is an intermediate certificate right click and select the install certificate option and let the wizard place it automatically.

Use the MMC command to launch a management window, add certificates and proceed as follows (instructions for the mmc here)

Right click the personal => certificates window and choose the option to import the SSL certificate.
myite-ex-11

myite-ex-12

Once the wizard is complete, right click the certificate and select the option to export.
myite-ex-26

Follow the wizard choosing Next
myite-ex-27

Click yes to export the private key
myite-ex-28

Verify that PFX is selected
myite-ex-29

Click next and enter a password, then next
myite-ex-30

Select the location you want to export the certificate to
myite-ex-31

Click finish. Check the location for your .pfx file.

Continue with Importing SSL Certificate

 

Tested Platform

Windows 2008 R2 Server

 

Hits: 215