troubleshooting Question

Exchange 2007 Powershell command for SAN Certiifcate Request Generation

Avatar of amku03
amku03 asked on
Exchange
14 Comments1 Solution453 ViewsLast Modified:
Hi Guys,
We are working on to get a new Verisign SAN Certificate for one of our exchange servers in one of our domain.
Need to verify something related to generating a SAN certificate.

We are using this command to generate the request file, where in we are including the SANs.

New-ExchangeCertificate -GenerateRequest:$true -DomainName eurmail.domain.com, eur-htr1.eur.domain.com, eur-htr2.eur.domain.com, eur-htr.eur.domain.com, Autodiscover.domain.com -PrivateKeyExportable:$true –keysize 1024 –subjectname “c=US o=XYZ Inc, CN=eurmail.domain.com” –Friendlyname eurmail.domain.com -Path C:\certnew.req

Now the command runs fine and the request file is getting generated. The confusion we have is when we run the Get-ExchangeCertificate | fl command we get the following output

Along with my existing internal cert details, I am getting this :

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {eurmail.domain.com}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=eurmail.domain.com, O=XYZ Inc., S=ABC, L=UYT, C=US
NotAfter           : 08.09.2011 01:42:45
NotBefore          : 07.09.2010 19:42:45
PublicKeySize      : 1024
RootCAType         : Unknown
SerialNumber       : 7xxxxx….xxxxxx….3
Services           : None
Status             : Invalid
Subject            : CN=eurmail.domain.com, O=XYZ Inc., S=ABC, L=UYT, C=US
Thumbprint         : Bxxxx….xxxxx….xxxxx….7

My only worry and cause of confusion here I sthat I am not seeing the SAN names in the CertificateDomains field.

Are we generating this certificate request correctly???
Shouldn’t the CertificateDomain show the SUN names too??

Please suggest and help.
ASKER CERTIFIED SOLUTION
endital1097
Customer Engineer

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 14 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 14 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros