Knowledge Base
Create a CSR for Exchange 2007
This guide will take you through the steps that you need to follow in order to create a Certificate Signing Request on Exchange 2007.
IMPORTANT: The IIS Console and the MMC snap-in do not work with Exchange 2007. Please follow the steps listed below carefully. Using other programs might lead to unexpected errors.
How To Create a CSR on Exchange 2007
- You will need to start the Exchange Management Shell. Do this as a user with admin rights and make sure you have selected the correct server.
Go through Start to All Programs to Microsoft Exchange Server 2007 and finally choose Exchange Management Shell as shown in the picture below.
- Certain programs require additional information if you want them to work with your SSL Certificate. These include Outlook Web Access, Outlook Anywhere, and the auto-discovery function.
For the first two (Outlook Web Access and Outlook Anywhere) you will need to set the name as webmail.mysecuredomain.com. For auto-discover, autodiscover.mysecuredomain.com should be set. - This is the command that you will need to enter in order to create a Certificate Request Signing with Autodiscovery (you will need to change mysecuredomain.com to your own domain name, C= must be followed by your 2-letter ISO code, O= must be your company name, L= is your locale or city, S= is your province or state):
New-ExchangeCertificate -DomainName autodiscover.mysecuredomain.com -Force -FriendlyName Name -GenerateRequest:$True -Keysize 2048 -Path c:/csr.txt -privatekeyExportable:$true -SubjectName "C=AU, O=Yourcompanyname, L=Yourcity, S=Yourprovince, CN=mail.mysecuredomain.com"
- This is the command that you will need to enter in order to create a Certificate Request Signing with Outlook Anywhere and Outlook Web Access (you will need to change mysecuredomain.com to your own domain name, C= must be followed by your 2-letter ISO code, O= must be your company name, L= is your locale or city, S= is your province or state):
New-ExchangeCertificate -DomainName mail.mysecuredomain.com -Force -FriendlyName Name -GenerateRequest:$True -Keysize 2048 -Path c:/csr.txt -privatekeyExportable:$true -SubjectName "C=AU, O=Yourcompanyname, L=Yourcity, S=Yourprovince, CN=mail.mysecuredomain.com"
- After you have used these commands you will generate a file called c:/csr.txt. That's your CSR - congratulations, you've done it.
Now, once you have received your SSL Certificate, you can install it.
* Your feedback is too short