Solved

Certificate Request For Exchange On SBS2011

Posted on 2012-04-07
4
974 Views
Last Modified: 2013-12-02
Hello,

I followed advice from an earlier question and got a UCC certificate from GoDaddy for 5 domains. My server is set up to use remote.externaldomain.com

The 5 domains I was going to secure were:

remote.externaldomain.com
autodiscover.externaldomain.com
servername.internaldomain.local
servername
sites

However, when I create the request using SBS2011 console the request already has the following 2 domains added in to it:

externaldomain.com
servername.domain.local

This would force me to have 6 domains since i also need to add externaldomain.com

Why is SBS2011 creating the certificate under externaldomain.com, shouldn't it be using remote.externaldomain.com?

Thank you.
0
Comment
Question by:Pawel_Kowalski
  • 2
  • 2
4 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819430
How are you creating the Certificate request?  Via the SBS Console Wizard or the Exchange New Certificate Wizard?  I always use the latter and this always works for me.

EMC> Server Config> New Certificate Request Wizard
0
 

Author Comment

by:Pawel_Kowalski
ID: 37819457
I used the sbs console. Will exchange set up remote web workplace for me? Should I worry about SBS console not creating a proper request?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37819472
RWW is setup by running the SBS Wizards, so that should already have been done.

I use the Exchange Wizard - expand all the sections, fill in the relevant FQDN (internal / External) and then at the bottom, add servername and sites (deleting what is already there) and then click next - check the 5 names you want (which are correct from your list by the way) are listed and if not, go back and correct the Wizard), then once they are correct, set the correct common name remote.domain.com and click next and complete the wizard.

Then take the CSR to GoDaddy and run through the Certificate Request.

Once approved, you need to import and enable the wizard as follows:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\remote.yourdomain.com.crt -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services IIS,POP,IMAP,SMTP

Change the remote.yourdomain.com.crt to match your certificate name (make sure it is in c:\ or change the path to reflect the location and run the command and everything should start to work and be 100% happy.
0
 

Author Comment

by:Pawel_Kowalski
ID: 37825173
Worked great, thank you.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now