file · web viewprovide the certificate path to import in exchange server which has been...
TRANSCRIPT
This document contains the following:
Creating New Exchange certificate using Exchange management console and generating CSR to internal Domain controller to get SAN Certificate
Installing pre-requisites for CA Server. Installing the CA Server to get SAN certificate. Submitting the Exchange 2010 CSR to get SAN certificate. Installing SAN certificate to Exchange 2010 Trusted root. Complete the pending Exchange certificate using Exchange
management console. (Importing Certificate) Enable exchange 2010 client services on SAN certificate.
Click on New Exchange Certificate from Server Configuration action console
Uncheck enable wildcard certificate and click on next
Enter the external FQDN which is registered which will be used for OWA
Enter the external FQDN which is registered which will be used for ActiveSync
Enter the external FQDN which is registered which will be used for Auto discover
Enter the external FQDN which is registered which will be used for Exchange 2003/2007
Verify the FQDN and click on next
Enter the Org. details and give the path to save CSR, Click on next
Verify the completion and observed the commands which is used via poweshell at backend.
Select IIS for Cert Server virtual directory
Click on certificate services and you will be prompted a popup for warning
Click on yes for warning message.
Select enterprise root CA and click on next
Give the common as desired and click on next
Leave the default settings and click on next
Observe the progress
Observe the progress
Click on finish to complete
Verify the virtual directory is created on CA server.
Run the above command to enable SAN certificate generate support for Windows 2003 CA server.
Login to CA server and browse local host giving the virtual directory path and select request a certificate.
Select advanced certificate
Select 2nd option
Open the Exchange CSR into text file and copy it to saved request
Copy and paste the Exchange, select webserver on certificate template and click on submit
Select base 64 encoded and click on download certificate chain
Save it to Exchange computer to complete the pending request/Import which was generated from Exchange Server.
Import the certificate 1st into Exchange computer trusted root zone.
Via EMC – Server configuration – right click the newly created exchange cert and select complete pending request.
Provide the certificate path to import in exchange server which has been generated from root CA
Verify the path and click on complete the pending request.
Verify the completion and click on finish
Make sure there is no error on the certificate console
Assign exchange client services to certificate
Select the server on which to assign the services.
Select Imap, POP & IIS and click on next
.
Verify the command and click on assign
Verify and click on finish to complete
Verify the exchange client services are assigned to the SAN certificate.
Run the above command to get the Exchange Server certificate status.
Thank You!
Hope that’s been informative to you!