We help IT Professionals succeed at work.

Generate new request for certificate

yellowgingham
on
Medium Priority
311 Views
Last Modified: 2012-05-06
Hello,
I have Exch. 2007 and 2008 srv., I wonder how can I install certificate for owa and Outlook access. I have installed Certificate authority role. Now I want to generate certification request but I do not how. In iis I have not found that and command "new-exchangecertificate ..." does not work. When I type it in cmd line, issue that command name is not located appier.
Could you help ?
Comment
Watch Question

Cryptographic Engineer
CERTIFIED EXPERT
Commented:
Here is the overview for using a self-signed cert for exchange 2007:
http://technet.microsoft.com/en-us/library/bb851554.aspx

If you want to migrate to a public certificate, you can use this tool to create a valid request format to use in the Exchange Management Shell - fill in the form and the command will show up, and the instructions are at the bottom.
https://www.digicert.com/easy-csr/exchange2007.htm

If you are using OWA you might consider getting a Unified Communications (UC) certificate for your exchange cert.  The output above will work for any commercial or internal CA.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
"I have installed Certificate authority role"

The CA role is only necessary if you are going to issue internal certificates for use within the company.

"command "new-exchangecertificate ..." does not work. When I type it in cmd line, issue that command name is not located appier."

Just checking, but are you typing the command into the Exchange Management Shell, or just a command prompt? The command must be done from the Exchange Management Shell.

The link that Paranormastic has given you for Digicert's CSR generator is the one I use as well and you will paste the result it gives you directly into the Exchange Management Shell. It does not mean you have to buy the certificate from Digicert, you can use the CSR at any cert authority.

Once you create the CSR and buy your certificate from a cert authority, you will have to import it and set Exchange to use it for SMTP, IMAP and POP protocols. There is another Exchange Management Shell command for this.

In the Exchange Management Console, go to the top of the tree -> Microsoft Exchange. Click on the "Finalize Deployment" tab, and select "Configure SSL for your Client Access Server", and follow the instructions under Steps 2, 3 and 4.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.