Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.
COURSE of the MONTH
15 days, 2 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Installing 3rd Party SSL Certificates on to Windows Server 2008 R2/Exchange 2010
Posted on 2014-01-10
We currently have a Self-Signed SSL Certificate on an Exchange 2010 Server running Windows Server 2008 R2. We purchased a third party certificate from Mediaura to replace our self-signed certificate. They sent us 3 Certificates and instructed us to install all 3. From IIS7, we were able to use the Complete Certificate Request to install the main mail.xxxxxx.org (SSL https:443) certificate successfully, but do not fully understand the function of the other two certificates or how they work in conjunction with the main certificate. Neither do we know how to or where to import these 2 certificates.
The certificates are called "AddTrustCARoot.crt" and "PositivesSSLCA2.crt".
Please help us to understand how these certificates work with the server certificate and what we need to do to correctly install these on our server.
The certificates are called "AddTrustCARoot.crt" and "PositivesSSLCA2.crt".
Please help us to understand how these certificates work with the server certificate and what we need to do to correctly install these on our server.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
5 Comments
Those are the so called Certificate Chain.
A certificate chain is a path of certificates leading from your certificate (the server certificate) to a trusted anchor (root CA, that should probably be AddTrustCARoot.crt).
For verifying a certificate, a computer needs to know the path from the server certificate until a root CA that he alreay trusts. By intalling those in your server, you allow your server to send them to your clients so they can construct the path and decide if they want to trust the root CA or not.
A certificate chain is a path of certificates leading from your certificate (the server certificate) to a trusted anchor (root CA, that should probably be AddTrustCARoot.crt).
For verifying a certificate, a computer needs to know the path from the server certificate until a root CA that he alreay trusts. By intalling those in your server, you allow your server to send them to your clients so they can construct the path and decide if they want to trust the root CA or not.
Active 1 day ago
How do we install the AddTrustCARoot.crt? Do we do it differently than the Server Certificate?
You can find detailed instruction for that here:
http://www.entrust.net/knowledge-base/technote.cfm?tn=8166
Just select Trusted root instead of intermediate certificate for the root CA
http://www.entrust.net/knowledge-base/technote.cfm?tn=8166
Just select Trusted root instead of intermediate certificate for the root CA
Active 1 day ago
What about the Third Certificate? Would it be imported into the Trusted root as well and do we can have to change the extensions? PositivesSSLCA2.crt
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it.
The vast majority of email clients display l…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online.
The email signature template has been downloaded from:
www.mail-signatures…
Suggested Courses
Course of the Month15 days, 2 hours left to enroll
770 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.