1. Log into Exchange Admin Center.
First we need to log into the Exchange Admin Center.
2. Navigate to the Servers >> Certificates tab.
To generate a certificate request we need to navigate to the "Servers" tab on the left hand side. Then we need to click on the "Certificates" tab along the top.
3. Click the + "New" button.
4. Choose the Certificate Type you would like to create
You will have two choices. The first is to create a certificate request for a third party cert, or create a self signed cert. Since we are planning on publishing our exchange certificate to the internet, we'll have to use a third party cert. So for this video we will select "Create a request for a certificate from a certificate authority" and click Next.
5. Specify a friendly name.
Specify a friendly name. This is just a display name for the certificate. Click next.
6. Review your wildcard options.
Unless you plan to deploy a wildcard certificate leave the options for wildcard certificate unchanged and click next.
7. Specify a Client Access Server (CAS)
Specify a Client Access Server (CAS) where the certificate request will be stored. You can export/import this certificate to other Client Access Servers once the original request has been finalized. Click Next.
8. Click Next on the domain included screen.
9. Use the Add, Edit, or Remove buttons to change the subject names on the certificate request.
Use the Add, Edit, or Remove buttons to change the subject names on the certificate request. Note: Internal host names are no longer permitted on certificates. Specify a common name with the checkmark button. Click Next.
10. Specify the organization information.
Enter all your organizations information and click Next.
11. Specify a location to save the certificate request file.
Specify a location to save the certificate request file and click Next. This must be a UNC path and I recommend saving as a TXT file.
12. Switch to your server to collect your certificate text.
Copy the entire contents of this file, including the BEGIN and END lines and process this with your 3rd party provider.
13. Once approved, download your certificate.
Download the certificate from your 3rd party provider. Select the certificate request in EAC that you generated earlier. It should still show a status of "Pending Request". Click the "Complete" link.
14. Specify the location to the certificate file.
Specify the location to the certificate file. Like before it must be a UNC path. Click Ok. The completed certificate will now show a status of "Valid". Now we need to assign services to the certificate.
15. Assign the certificate to the appropriate services.
Double click to open the certificate, select the "Services" tab, assign the necessary services and click "Ok". You are all set!