Exchange - Exchange 2013 SSL Certificates

Updated

This article describes how to obtain, generate, and install SSL certificates for Microsoft Exchange 2013, including steps for CSR creation, certificate installation, and enabling protocols for secure communication.

In order to utilize certificates, they must first be obtained and then installed.

Also see Journaling - Journaling Guides and Directory Synchronization - Overview.

Obtaining SSL Certificates

To use SSL certificates in Exchange 2013, you will need to go through a process of generating a CSR (certificate signing request) on your Microsoft Exchange server, submitting the request to one of the supported Certificate Authorities, and installing the certificate on Microsoft Exchange 2013. Once the certificate has been installed you need to enable the certificate for your chosen protocols (detailed later in this guide).

Command Line CSR Generation (Exchange Management Shell)

See Microsoft support, for more information on Exchange Management Shell.

You can access the Exchange Management Shell, by using the following steps:

  1. Log into Microsoft Exchange 2013 Server as an Exchange administrator.
  2. Open the Exchange Management Shell and use the New-Exchangecertificate cmdlet to generate a new certificate request.

The following command is an example that you could use. This example assumes that:

  • Your organization is called Acme Corp.
  • Your organization is located in the United Kingdom.
  • Your Exchange 2013 server's FQDN is exchange.acmecorp.com
  • You want to export your request to C:\
$reqfile = New-ExchangeCertificate -GenerateRequest -SubjectName "C=GB,o=AcmeCorp,cn=mail.acmecorp" -DomainName "exchange.acmecorp.com" - PrivateKeyExportable $true

$reqfile | out-file c:\certreq.txt

If you are unsure of how to run the above Exchange cmdlet, see Microsoft's Support article.

Mimecast does not support self-signed certificates, so this request needs to be submitted to one of the recognized certificate authorities.

Installing SSL Certificates

Once the certificate has been issued by the Certificate Authority, you need to import the certificate into the Microsoft Exchange 2013 Server. After installing the certificate onto your Exchange server, you will need to enable it for use with the SMTP or POP3 protocol. See  Microsoft's article on how to use the Exchange Certificate Management User Interface.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.