Step 8: Configure SSL Certificate

May 30, 2018 | by iaur | posted as Configuration(2016), Exchange Onprem

Scenario 1: Fresh certificate request and import

• Search for “Exchange Admin Center” > sign-in admin account > servers > certificates > click the + sign then select the  ‘Create a request from a certification authority”
  1. Name: Any name
  2. Request a wildcard certificate
  3. Root is your domain
  4. Add company info
  5. Save to: \\<servername>\c$\mycertrequest.req

• Submit CSR to digicert then proceed with completion

• Download the certificate to the exchange server then import using digicert utility
• Complete the certificate request in IIS manager > server certificates > complete request
• Verify if certificate is already valid in EAC
• Go to EAC > servers > certificates > select the new certificate > edit > service add SMTP and IIS

More here.

Scenario 2:  You have an existing server with certificates

1.  Export the certificate from your old server using  ECP

ECP> Server > Certificates> Export Exchange Certificates

2. Follow the wizard > Obtain Sysvol path> Create a .pfx file and a password

3. Transfer the file to the new server

4.  On the new server, Access IIS Manager>  Click the server> Go to Server Certificates

5. On Server Certificates, Click Import  (upper right side ) > Locate the pfx file > Complete the import

6. Access ECP> Server > Certificates> Export Exchange Certificates and check if the import was a success.

7. Edit the item > Click Services > Tick IIS and SMTP services > Save

8. After that and after configuring, your external URLs (OWA,ECP) can now be publicly accessed using SSL