Solved

Certificate Request For Exchange On SBS2011

Posted on 2012-04-07
4
991 Views
Last Modified: 2013-12-02
Hello,

I followed advice from an earlier question and got a UCC certificate from GoDaddy for 5 domains. My server is set up to use remote.externaldomain.com

The 5 domains I was going to secure were:

remote.externaldomain.com
autodiscover.externaldomain.com
servername.internaldomain.local
servername
sites

However, when I create the request using SBS2011 console the request already has the following 2 domains added in to it:

externaldomain.com
servername.domain.local

This would force me to have 6 domains since i also need to add externaldomain.com

Why is SBS2011 creating the certificate under externaldomain.com, shouldn't it be using remote.externaldomain.com?

Thank you.
0
Comment
Question by:Pawel_Kowalski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819430
How are you creating the Certificate request?  Via the SBS Console Wizard or the Exchange New Certificate Wizard?  I always use the latter and this always works for me.

EMC> Server Config> New Certificate Request Wizard
0
 

Author Comment

by:Pawel_Kowalski
ID: 37819457
I used the sbs console. Will exchange set up remote web workplace for me? Should I worry about SBS console not creating a proper request?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37819472
RWW is setup by running the SBS Wizards, so that should already have been done.

I use the Exchange Wizard - expand all the sections, fill in the relevant FQDN (internal / External) and then at the bottom, add servername and sites (deleting what is already there) and then click next - check the 5 names you want (which are correct from your list by the way) are listed and if not, go back and correct the Wizard), then once they are correct, set the correct common name remote.domain.com and click next and complete the wizard.

Then take the CSR to GoDaddy and run through the Certificate Request.

Once approved, you need to import and enable the wizard as follows:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\remote.yourdomain.com.crt -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services IIS,POP,IMAP,SMTP

Change the remote.yourdomain.com.crt to match your certificate name (make sure it is in c:\ or change the path to reflect the location and run the command and everything should start to work and be 100% happy.
0
 

Author Comment

by:Pawel_Kowalski
ID: 37825173
Worked great, thank you.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question