JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Generate a CSR for Microsoft Exchange 2007

If you are only using your certificate with OWA, you can generate your CSR via the IIS manager. To do so, follow the instructions here: Generate a CSR with Microsoft IIS5 or IIS6. The procedure is the same than for a classical website.
If you are going to use other functions such as autodiscover, smtp... then follow the instructions below.

Warning: Using certificates with internal server names (xxx.local, yyy.priv, machine_name) or a domain that is not registered or controlled by IANA is disapproved by the CA/Browsers Forum and won't be accepted anymore by November 2015 (Further information).

1- Prepare your order

  • Make sure you are connected to your Exchange server as administrator.
  • Do not enter comma in the fields of your CSR (commas are interpretated as separators).
  • Only use standard characters (letters from A to Z, numbers, dash) in your websites' names. Do not use accent nor ! @ # $ % ^ * ( ) ~ ? > < & / \

2- Generate your CSR

  • Launch the New-ExchangeCertificate cmdlet (in the powershell)
  • generate a CSR with the following command filled with your information. Put the main name of your server in CN=
    N.B.: the following instruction has to be executed with one command line.
  • New-ExchangeCertificate -GenerateRequest -SubjectName 
      "C=FR, O=My Organization, L=Lyon, ST=Rhone, CN=mail.myorganization.com" 
      -privatekeyexportable:$true -Path c:\mail.myorganization.com.txt
    
  • It is not necessary (actually we advise not to) to include the other SANs of the certificate here, you'll do it on our web form.

<< A positional parameter cannot be found that accepts argument -Path >>

This message can be displayed on some Exchange version. In that case you can generate the command without the -Path argument or execute it with 2 commands, see:
$Data = New-ExchangeCertificate -GenerateRequest -SubjectName 
  "C=FR, O=My Organization, L=Lyon, ST=Rhone, CN=mail.moy-organization.com" 
  -privatekeyexportable:$true


Set-Content -path "C:\mail.my-organization.com.txt" -Value $Data

3- Finalize the order process

  • Use the appropriate link to place your order on our website. See Access an order form
  • Copy/Paste the content of the file c:\mail.mycompany.com.txt or the content of the CSR in the form.

See also: