Self-Signing a Exchange 2010 certificate with a local ADS CA
Posted on 2010-01-08
I have an exchange 2010 server. Please dont start with the "buy a request" because that is in the process with GoDaddy it just has to go through lots of hoops with authorization, and I need to test building a certificate, etc. This is being done as a temporary measure and to see if I need a UCC certificate because the server has a name of "exchsrv1" but the server itself has a CNAME and has been told to answer requests as "Exchange". I want to create just an "Exchange" certificate.
Anyways, I go through the Exchange Management Console and I complete a Exchange SSL Certificate Request and it spits out this nice .req file. Lets call it exchange.req.
I take this file over to my Domain controller that is running the CA. I then run "certreq" and specify that file I created "Exchange.req". Then it almost immediately pops out:
Certificate Request Processor: ASN1 bad tag value met. 0x8009310b (ASN: 267)
My limited research online has not shown any steps to create a cer out of a req for an exchange certificate and various certificates appear to need multiple types of processing.
Can someone help me?