27.5 C
Dubai
Tuesday, November 29, 2022

Configuring 3rd Party Exchange Certificate in Exchange 2010

Exchange 2010 creates a self-signed SAN certificate and assigns it to the services like IMAP, POP, IIS, and SMTP.

The only drawback of this self-signed certificate is that it contains the server’s FQDN and NetBIOS names only.

Where we get certificate errors on all the Clients where we need to install the Certificates manually on all the clients , which is a hassle and no one likes it in fact . Cause installing Certificate in mobile devices becomes more complex .

To avoid any certificate related errors and use it over the internet without any problems it is highly recommended that you request and assign a certificate from a Certification Authority that can be contacted from anywhere like VeriSign , Go Daddy ,DigiCert etc.. .
To request a new certificate from a trusted CA use following format:

Step 1:

Requesting a Certificate , you can use shell or GUI

GUI is much user friendly

You can refer the link below to use GUI and Export the Certificate

https://www.azure365pro.com/how-to-use-a-self-signed-certificate-in-exchange-2010/

Mail.CareExchange.in

Autodiscover.careexchange.in

are the two Needed Entries in the SSL Cert.

Or

You can use Shell to Export the Request file – My Servers FQDN is Exchange2010.careexchange.in

Replace the values as per your requirement

Generate a Request

$Data = New-ExchangeCertificate -FriendlyName 'Exchange Cert' -GenerateRequest -PrivateKeyExportable $true -KeySize '2048' -SubjectName 'C=IN,S="MH",L="PN",O="Exchange Messaging",OU="Enterprise Messaging",CN=mail.Careexchange.in' –DomainName 'mail.careexchange.in','autodiscover.careexchange.in -Server 'EXCHANGE2010'

You need to enter this command below in order to get the request file

Export the data into a certificate request file

Set-Content -Path C:\Certreq.req -Value $Data

Step 2:

Use this request file for submission to the CA . For Example Below Uploading a CSR in digi Cert.

and download the certificate. Save the certificate to a convenient location.

image

Step 3:

Import the certificate, Give the Correct location in the command

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path "C:\Exchangecert.pfx" -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password

You can refer the link below to use GUI to import the Certificate using “Step 22”

Use Step 23 to Assign Services like IMAP, POP, IIS, and SMTP.

https://www.azure365pro.com/how-to-use-a-self-signed-certificate-in-exchange-2010/

Great !

You learnt how to Export and Import and Configure Certificates in Exchange 2010

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Specialized in Microsoft Azure - Office 365 / Microsoft Exchange; conducted numerous projects worldwide in designing, supporting, and implementing messaging and virtualization infrastructure for medium-sized and large enterprises. Further, I am a Cloud Architect and Technical Advisor for various start-ups.

Related Articles

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here

× How can I help you?