Generate a CSR for Microsoft Exchange 2007
If you are only using your certificate with OWA, you can generate your CSR via the IIS manager. To do so, follow the instructions here: Generate a CSR with Microsoft IIS5 or IIS6. The procedure is the same than for a classical website.If you are going to use other functions such as autodiscover, smtp... then follow the instructions below.
Warning: Using certificates with internal server names (xxx.local, yyy.priv, machine_name) or a domain that is not registered or controlled by IANA is disapproved by the CA/Browsers Forum and won't be accepted anymore by November 2015 (Further information).
1- Prepare your order
- Make sure you are connected to your Exchange server as administrator.
- Do not enter comma in the fields of your CSR (commas are interpretated as separators).
- Only use standard characters (letters from A to Z, numbers, dash) in your websites' names. Do not use accent nor ! @ # $ % ^ * ( ) ~ ? > < & / \
2- Generate your CSR
- Launch the New-ExchangeCertificate cmdlet (in the powershell)
- generate a CSR with the following command filled with your information. Put the main name of your server in CN=
N.B.: the following instruction has to be executed with one command line.
New-ExchangeCertificate -GenerateRequest -SubjectName "C=FR, O=My Organization, L=Lyon, ST=Rhone, CN=mail.myorganization.com" -privatekeyexportable:$true -Path c:\mail.myorganization.com.txt
<< A positional parameter cannot be found that accepts argument -Path >>
This message can be displayed on some Exchange version. In that case you can generate the command without the -Path argument or execute it with 2 commands, see:$Data = New-ExchangeCertificate -GenerateRequest -SubjectName "C=FR, O=My Organization, L=Lyon, ST=Rhone, CN=mail.moy-organization.com" -privatekeyexportable:$true Set-Content -path "C:\mail.my-organization.com.txt" -Value $Data
3- Finalize the order process
- Use the appropriate link to place your order on our website. See Access an order form
- Copy/Paste the content of the file c:\mail.mycompany.com.txt or the content of the CSR in the form.
See also:
Last edited on 08/07/2017 13:33:42 --- [search]