Banner

How to Request and Import a Certificate for Exchange 2013

Using Exchange Administration Center (EAC)

  • Go to the "Certificates", found under "Servers".
  • Select the server and press the "plus" icon for creating a new certificate request.
  • Select "Create a request for a certificate from a certificate authority". Press Next.
  • Type in a friendly name for the certificate. Press Next.
  • If you want to create the request for a wildcard certificate, select checkbox
  • I don't want a wildcard certificate, so I just let it be unchecked. Press Next.
  • Press Browse and select which server you want to store it on. Press Next.
  • For each service you can here type in the address, and the request will generate the names in the end.
  • When you are done press Next.
  • Go through the names in the list and make sure that all names that's needed are included. Press Next.
  • Fill in Organization name, Department, Country, City and State. Press Next.
  • Save the request file to a shared location

Example: \\Server\folder\CertRequest.cer

  • When the request is completed, it shows up with the friendly name, together with the status "Pending request".
  • When the certificate is issued, press the "Complete" button below the status.
  • Type in the URL path to the .cer file,
    \\Server\folder\CertRequest.cer
  • For assigning the services to the certificates, select the certificate and press the Edit button.
  • Go to "Services" and add the one's that should be used. Press Save.
  • Press OK.
  • Check if the services are assigned to the certificate.

Using PowerShell

Start the Exchange Management Shell, let's view the existing certificates and then make a new cert request like above. Finally import the issued certificate.

Get-ExchangeCertificate

Get-ExchangeCertificate | fl

The cmdlet below creates a new certificate request and saves it to a share


New-ExchangeCertificate -Server DEMO01 -GenerateRequest -FriendlyName Test-Exch2013 -PrivateKeyExportable $true -SubjectName "c=Canada, s=Ontario, l=Toronto, o=mylab, ou=Testlab, cn=mail.testlab.com" -DomainName mail.testlab.com,autodiscover.testlab.com -RequestFile "\\Server\folder\CertRequest.cer"

Import-ExchangeCertificate -Server DEMO01 -FileName "\\Server\folder\CertRequest.cer" -PrivateKeyExportable $true -FriendlyName Test-Exch2013

Enable-ExchangeCertificate -Thumbprint A2E6649A22A99BEAB2654BEB403C92BB9D34B404 -Services "IIS, SMTP, POP, IMAP" -Server DEMO01

Get-ExchangeCertificate

Use Ctrl+Shift+R to "Reply all" to the selected message.
 

To submit a question or tip, please email faq@outlook-web-access.com

Poll

Will tablet and Smart phone use be a big part of your OWA 2013 deployment?

Exchange Server Links

Third Party Exchange Software