Wednesday , August 21 2019

Configuring 3rd Party SSL Exchange Certificate in Exchange 2013

Exchange 2013 creates a self-signed SAN certificate and assigns it to the services like IMAP, POP, IIS, and SMTP.The only drawback of this self-signed certificate is that it contains the server’s FQDN and NetBIOS names only.Where we get certificate errors on all the Clients where we need to install the Self signed Certificates manually on all the clients , which is a hassle and no one likes it in fact .

To avoid any certificate related errors and use it over the internet without any problems it is highly recommended that you request and assign a certificate from a Certification Authority that can be contacted from anywhere like DigiCert,VeriSign,Go Daddy etc.. .

To request a new certificate from a trusted CA use following format:

Step 1:

Requesting a Certificate , you can use Exchange Management shell or GUI

GUI is much user friendly

You can refer the link below to use GUI and Export the Exchange Certificate

How to Create an SSL Certificate Request for Exchange Server 2013

Step 2:

Use this request file for submission to the CA and download the certificate. Save the certificate to a convenient location.

image

Upload the CSR (.req) file to the third party Cert providers like DigiCert.

image

And once the Verification Process completes. you can download the Cert from their Portal.

Step 3:

To Import the Generated certificate

See

How to Complete a Pending SSL Certificate request in Exchange Server 2013

Great !!

You learnt how to Export and Import Exchange Certificates in Exchange 2013

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Save Public IPs using F5 LTM Policies

F5 has different modules and one of them is LTM – Local Traffic Manager . ...

9 comments

  1. Thanks Satheshwaran, the process is new to me so I used your guide and http://www.techieshelp.com/exchange-2013-configuring-and-installing-an-ssl-certificate/ to get our cert in place. Big changes in 2013!!

  2. Good One Satheshwaran

  3. Hi,

    i am having problems with my internal outlook clients connecting to our internal exchange server 2013, can you please confirm that i do indeed require a CA certificate for internal users to connect to the exchange server, or are CA only meant for external clients (OWA etc).

    any help would be very much appricated. many thanks in advance.

    Ajay Paul

  4. Hey!
    how can import an cert to an Exchange 2013!
    For few Days have harddrive crash on that was my Exchange 2013 server with 3:e parts certficate
    can i do Pending SSL Certificate request then import my cert then have from my Go Daddy

  5. Hello Sateshwaran, by following your tutorial my multi tenant exchange is ready now ..
    I am now ready to sell mailboxes and my problem is that I can’t buy expensive mailbox migration tools so is it possible to migrate customers
    Mailboxes without using these expensive tools ?

    2ndly mailboxes working fine with OWA, IOS, Android but with outlook it asks every time for password when i open outlook any idea ?

    Thanks

  6. Hello Sateshwaran. my multi tenant exchange is ready by following your tutorial
    I am now ready to sell mailboxes and my problem is that I can’t buy expensive mailbox migration tools so is it possible to migrate customers Mailboxes without using these expensive migration tools ?

    2ndly mailbox connectivity with Android,IOS, OWA working fine but with Outlook it always ask for Password when i open Outlook any idea ?

    Thanks
    Ihsan

    • Satheshwaran Manoharan

      Re check Outlook anywhere settings. Are you using Autodiscover redirect.?
      cheapest – DO Manual PST migration Add X500 . You have to get ready handling the nightmare of NDrs and unhappy customers.

Leave a Reply

Your email address will not be published.