sslsd-logo

CSR Generation in Microsoft Exchange Server 2010 – Instructions

Microsoft Exchange Server 2010 SP3 helps IT Professionals achieve new levels of reliability with greater flexibility, enhanced user experiences, and increased protection for business communications.

  • Flexible and reliable – Exchange Server 2010 SP3 gives you the flexibility to tailor your deployment based on your company’s unique needs and a simplified way to keep e-mail continuously available for your users.
  • Anywhere access – Exchange Server 2010 SP3 helps your users get more done by giving them the freedom to securely access all their communications – e-mail, voice mail, instant messaging, and more – from virtually any platform, Web browser, or device.
  • Protection and compliance – Exchange Server 2010 SP3 delivers integrated information loss prevention, and compliance tools aimed at helping you simplify the process of protecting your company’s communications and meeting regulatory requirements.

This Article will carry you through the following:

  1. CSR Generation in Microsoft Exchange Server 2010
  2. Create your CSR with the Exchange Management Shell

1. CSR Generation in Microsoft Exchange Server 2010

    1. Open Exchange Server
      Launch Microsoft Exchange 2010 from your programs and select Exchange Management Console.
    2. Navigate to “New Exchange Certificate”
      Select Manage Databases on the right hand side.
      exchange server

Select Server Configurations in the left side menu.
Select New Exchange Certificate in the right side menu.

    1. Enter a Friendly Name when prompted in the opened window.

Note: Please name the file something you can easily recognize in the future. This will only be an internal reference name and will not be part of your SSL certificate.

  1. Indicate if certificate is Wildcard
    In the Domain Scope menu, select the check box ONLY if you are using a Wildcard Certificate (*.yourdomain.com) and if so, skip to Step 6. If not, proceed accordingly to the next screen/step.
  2. Specify Domain Names
    In the Exchange Configuration menu, click the Service Options that you plan on securing and specify the Domain Name for each service.
    Note: The next screen will suggest names for you. You can remove them if you like by right clicking on them.
  3. Enter in the CSR Details
    • Common Name (CN): The FQDN (fully-qualified domain name) you want to secure with the certificate such as www.google.com, secure.website.org, *.domain.net, etc.
    • Organization Name (ON): The full legal name of your organization including the corporate identifier.
    • Organizational Unit (OU): Your department such as ‘Information Technology’ or “Website Security.”
    • Locality or City (L): The locality or city where your organization is legally incorporated. Do not abbreviate.
    • State or Province (S): The state or province where your organization is legally incorporated. Do not abbreviate.
    • Country Name (C): The official two-letter country code (i.e. US, CH) where your organization is legally incorporated.exchange server
  4. Save the CSR
    Click Browse to specify the location where you want to save the CSR as a “.reg” file and click Save.
    Enter a friendly name to distinguish the request in the future.
    Click Next, New, and then Finish.
  5. Generate the Order
    Locate and open the newly created CSR from the specified location you choose in a text editor such as Notepad and copy all the text including:

    —–BEGIN CERTIFICATE REQUEST—–
    And
    —–END CERTIFICATE REQUEST—–

Return to the Generation Form on our website and paste the entire CSR into the blank text box and continue with completing the generation process.
Upon generating your CSR, your order will enter the validation process with the issuing Certificate Authority (CA) and require the certificate requester to complete some form of validation depending on the certificate purchased.

2.Create your CSR with the Exchange Management Shell

    1. Start the Management Shell by going to Start > Programs > Microsoft Exchange 2010 > Exchange Management Shell
      From the Exchange Management Shell command line, type the following:New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName “c=US, l=YourLocalityOrCity, s=YourStateOrProvince, o=YourCompanyInc, cn=YourFirstDomain.com” -DomainName YourSecondDomain.com, YourThirdDomain.com -PrivateKeyExportable:$true

      This command should be entered into the management shell as one line. Make sure to replace the details listed in this sample command with the details of your own organization as explained above.

      Note: The first domain name is listed inside the “-SubjectName” after “cn=” and additional domain names are added after the -DomainName parameter with commas between the additional domain names. You can add as many additional domain names as necessary.

    2. Your CSR file will be printed to the management shell after running this command. To copy it from the management shell, you will need to right click and choose “mark”. You can now paste the entire contents of the file, including the BEGIN and END tags to the DigiCert online order form when prompted.If you want to create a CSR file automatically on your machine after running the CSR creation command, run the following line immediately after generating the fileSet-Content -path “C:\your_CSR_name.csr” -Value $Data.

We hope this guide helped you with this easy process. If you are unable to use these CSR Generation instructions, Acmetek recommends that you contact either the vendor of your software or the hosting organization that supports it.

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »