?
Solved

Certificate Request For Exchange On SBS2011

Posted on 2012-04-07
4
Medium Priority
?
1,017 Views
Last Modified: 2013-12-02
Hello,

I followed advice from an earlier question and got a UCC certificate from GoDaddy for 5 domains. My server is set up to use remote.externaldomain.com

The 5 domains I was going to secure were:

remote.externaldomain.com
autodiscover.externaldomain.com
servername.internaldomain.local
servername
sites

However, when I create the request using SBS2011 console the request already has the following 2 domains added in to it:

externaldomain.com
servername.domain.local

This would force me to have 6 domains since i also need to add externaldomain.com

Why is SBS2011 creating the certificate under externaldomain.com, shouldn't it be using remote.externaldomain.com?

Thank you.
0
Comment
Question by:Pawel_Kowalski
  • 2
  • 2
4 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819430
How are you creating the Certificate request?  Via the SBS Console Wizard or the Exchange New Certificate Wizard?  I always use the latter and this always works for me.

EMC> Server Config> New Certificate Request Wizard
0
 

Author Comment

by:Pawel_Kowalski
ID: 37819457
I used the sbs console. Will exchange set up remote web workplace for me? Should I worry about SBS console not creating a proper request?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 37819472
RWW is setup by running the SBS Wizards, so that should already have been done.

I use the Exchange Wizard - expand all the sections, fill in the relevant FQDN (internal / External) and then at the bottom, add servername and sites (deleting what is already there) and then click next - check the 5 names you want (which are correct from your list by the way) are listed and if not, go back and correct the Wizard), then once they are correct, set the correct common name remote.domain.com and click next and complete the wizard.

Then take the CSR to GoDaddy and run through the Certificate Request.

Once approved, you need to import and enable the wizard as follows:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\remote.yourdomain.com.crt -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services IIS,POP,IMAP,SMTP

Change the remote.yourdomain.com.crt to match your certificate name (make sure it is in c:\ or change the path to reflect the location and run the command and everything should start to work and be 100% happy.
0
 

Author Comment

by:Pawel_Kowalski
ID: 37825173
Worked great, thank you.
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month15 days, 20 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question