Request A Certificate for Exchange from CA

Howdy all,

this is a simple guide for people need help how to request a certificate from the your Certification Authority.

The steps are the same for any of the services in the Exchange , but for this guide I’m going to be talking about the UM-Service.

Log into Your Exchange Server which you want to issue the Certificate to

open the EMC

1- Under “Server Configuration” in the Action Panel “Right Side” click on “New Exchange Certificate”

2- Give the Certificate a friendly name like “contoso-UM” and click Next

3-in the Domain Scope Page click Next

4- in the Exchange Configuration Page expand the Unified Messaging Server  and Check the “Public Certificate” box and type the FQDN of your UM server.

this is the step you can configure the Certificate to the Services you want to use the certificate for like OWA , Autodiscover…etc.. our case it is UM

5-In the “Certificate Domain” page add the UM-Server or the Name of the Exchange Server that is hosting this role

6- In the “Organization and location” Page fill the required information and browse to a place where you going to save the .req file to submit it to the CA later

this can be done by just creating a text file on the Desktop with the name of your certificate like “contoso-UM.req”

7-in the “Certificate Configuration” Page click “New”

8- in the Completion Page click “Finish”

9- in the “contoso-UM.req” file created by the Exchange open it and copy the content between the Two lines

10- Now log into your CA using the IE or any method you like and click on “Request a Certificate”

11- next Page click on “Advance Certificate Request” then click on “Submit a certificate request using a base-64-encoded CMC or…….”

12- in the Next Page past the content of the contoso-UM.req file into the  Based-64-encoded Certificate Request Box and click submit

13-in the next page click “download Certificate” and save the certificate on your Desktop “Contoso-UM.cert”

14-Now go back to the EMC select the UM-Server from the menu and click on “Complete Pending request” in the Action Menu.

15- Browse / Select the “contoso-UM.cert” file

16- Next Page click Finish

17- now  time to assign the Certificate for a service, select the certificate and then in the Action Panel click on “Assign Services to Certificate”

18-In “Select Server” Page , add the Server you want to assign the certificate to “Exchange-UM Server” in our case

19-In “Select Service” page , select the services you assigning this certificate to ” Unified Messaging” in our case

20- In “Assign Services” Page, click “Assign”

21- in the “Enable Certificate with Thumbprint” pop up box click “Yes”

By this you are done requesting and assigning Certificate to UM service.

Author: Lyncdude

A Senior Service Engineer with more than 9 years of experience in Microsoft Exchange and Microsoft Lync Server / Skype for Business. Egyptian guy lives and works in Frankfurt - Germany. what is written in this blog is my own opinion and thoughts, not my employer and does not reflect their opinion

One thought on “Request A Certificate for Exchange from CA”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: