First we need to create a certificate request
Open the Microsoft Exchange Management Console and navigate to Microsoft Exchange -> Server Configuration.
On the right panel press the “New Exchange Certificate”
The “New Exchange Certificate” wizard will start. Enter a friendly name, just a name to remember what this certificate is about.
no need to check the wildcard option
At the next page select the services that you want, in most cases select all “Client Access Server”,
Next add all the alternative names that you want to include to the certificate
fill the Organization form and select the save path
finally press “new” to create the certificate request
after this at the Exchange Certificates windows of the Exchange Management Console you will see a new item that will say “Pending request”.
Open the exported file with notepad and save it as “ASCII” encoding (the original is Unicode)
Now we need to go to our Domain’s Active Directory Certification Authority and open an elevated command prompt.
Run the command:
certreq.exe -submit -attrib CertificateTemplate:WebServer
It will ask you to select the request file, select the ACHII encoded file
and then select the Certification Authority
finally it will produce a cer file.
Go back to the Exchange Certificates window of the Exchange Management Console, select the “pending certificate request” and press “complete pending request”. Select the cer file, select the services needed (IIS, SMTP, POP, IMAP) and the wizard will create the certificate and enable it for the services.
Pantelis Apostolidis is a Cloud Solutions Architect at Microsoft and an ex Microsoft Azure MVP. For the last 15 years, Pantelis has been involved to major cloud projects in Greece and abroad, helping companies to adopt and deploy cloud technologies, driving business value. He is entitled to a lot of Microsoft Expert Certifications, demonstrating his proven experience in delivering high quality solutions. He is an author, blogger and he is acting as a spokesperson for conferences, workshops and webinars. He is also an active member of several communities as a moderator in azureheads.gr and autoexec.gr. Follow him on Twitter @papostolidis.