How do I generate a CSR (Certificate Signing Request) in Microsoft Exchange 2010?

Problem

How do I create a CSR (Certificate Signing Request) in Microsoft Exchange 2010?

Resolution

This guide provides the steps taken to create a CSR (Certificate Signing Request) on Exchange 2010. These steps follow what need to be taken using the GUI of Exchange Management Console.

  1. Click on Start and then open All Programs. Click on Exchange Management Console under Microsoft Exchange Server 2010.

  2. The console will load up.  Click on the Manage Databases link in the center pane.

  3. Click on Server Configuration on the left-hand pane.

  4. In the middle pane, you will see a list of certificates that are currently installed.

  5. Click and highlight the server that you want to install the certificate on in the middle and and then click on the New Exchange Certificate link on the right-hand pane.

  6. A new window will appear named New Exchange Certificate that resembles a wizard.  In the Enter a friendly name for the certificate field, enter in a name that you will refer to the certificate as, on this server.  Click on the Next button.

  7. At the Domain Scope screen, click on the Next button.

  8. Next you should see the Exchange Configuration screen.  You will see a number of headings that resemble the services used by Exchange 2010.  Click on the arrows under each heading for the service that you want to secure to expand a list of options for that heading.  Click the check boxes and add all into the fields the names that you will need to include into the certificate.  Click on the Next button when you are ready to move on.

  9. On the Certificate Domains section, you will see a list of domains that are to be included in this certificate.
    Note: Here you can Add, Edit, Set as common name, or even Delete any domain in the list if you want to.  When you are done reviewing the list, click on the Next button.

  10. The next screen displays the Organization and Location section.  In this section you will input the following:

  11. Organization: The legal name of your organization.

    Organizational Unit: This optional field is the name of the department or other group making the request.

    Country/region: Use the two-letter code of your country without punctuation, for example: BM or UK or CH.

    City/Locality: The locality field is the city or town name, for example: Hamilton or Stamford.

    State/Province: Spell out the state completely; do not abbreviate the parish, state or province name, for example: Pembroke or Connecticut.

  12. After you entered in that information, click on the Browse button and provide a file name and location to save the CSR file. Click on the Next button when you are ready.

  13. The Certificate Configuration section will give you a summary of all the details that was entered throughout this process. When ready, click on the New button at the bottom.

  14. The certificate will be generated and the file will be created with the name and in the location specified earlier.

  15. Click on the Finish button to finish off the process.

  16. Open the .txt file using a text editor (such as Notepad), copy all the contents and submit it to QuoVadis.

Add Feedback