Step 8: Configure SSL Certificate

May 30, 2018 | by iaur | posted as Configuration(2016), Exchange Onprem

Scenario 1: Fresh certificate request and import

  • Search for “Exchange Admin Center” > sign-in admin account > servers > certificates > click the + sign then select the  ‘Create a request from a certification authority”
    1. Name: Any name
    2. Request a wildcard certificate
    3. Root is your domain
    4. Add company info
    5. Save to: \\<servername>\c$\mycertrequest.req
  • Submit CSR to digicert then proceed with completion
  • Download the certificate to the exchange server then import using digicert utility
  • Complete the certificate request in IIS manager > server certificates > complete request
  • Verify if certificate is already valid in EAC
  • Go to EAC > servers > certificates > select the new certificate > edit > service add SMTP and IIS

More here.

Scenario 2:  You have an existing server with certificates

1.  Export the certificate from your old server using  ECP

ECP> Server > Certificates> Export Exchange Certificates

Machine generated alternative text:

2. Follow the wizard > Obtain Sysvol path> Create a .pfx file and a password

Machine generated alternative text:

3. Transfer the file to the new server

Machine generated alternative text:

4.  On the new server, Access IIS ManagerClick the server> Go to Server Certificates

Machine generated alternative text:

5. On Server Certificates, Click Import  (upper right side ) > Locate the pfx file > Complete the import

Machine generated alternative text:

6. Access ECP> Server > Certificates> Export Exchange Certificates and check if the import was a success.

Machine generated alternative text:

7. Edit the item > Click Services > Tick IIS and SMTP services > Save

Excha 
Second Cert 
general 
IIS 
e Certificate - Excha 
e Admin Center 
Specify the Exchange services that you want to assign this certificate 
services 
to. Learn more 
SMTP 
Microsoft Exchange Unified Messaging 
Unified Messaging Call Router 
IMAP 
POP

8. After that and after configuring, your external URLs (OWA,ECP) can now be publicly accessed using SSL

Outlook 
a Secure https://mail.faceresionem.xyz/owa/auth/logc 
Connection is secure 
Your information (for example, passwords or credit 
card numbers) is private when it is sent to this site. 
Learn more 
Certificate (Valid) 
Cookies (I in use) 
Site settings

Feedback or Help?

Should you have one, click here

Boring Ads. Pardon me :)