It is very easy process to install an SSL certificate in Microsoft exchange 2010. Here we have listed step by step process that is divided into two parts.
- Prepare Your Server
- Installation of SSL certificate
Suggestion: UCC SSL certificates remain the best for MicroSoft Exchange Server.
Let’s start with first process, learn how to prepare your server for SSL certificate installation:
1. Generate a Certificate Snap-In in Microsoft Management Console (MMC). It follows some steps to create a certificate snap-in in MMC, which is as below.
- Click Start > Run
- In the text box, type mmc
- Click OK
- In Microsoft Management Console (MMC) menu bar, select Console (in IIS 5.0) or File (in IIS 6.0)
- Click on Add/Remove Snap-in
- Click Add
- From the list of snap-ins, select Certificates
- Again Click Add
- Select Computer account
- Click Next
- Select Local computer
- Click Finish
- In the snap-in list window, click Close
- In the Add/Remove Snap-in window, click OK
- Save these settings.
2. On the left side, in certificate snap-in, expand the Trusted Root Certification Authorities folder and select sub-folder named “Certificates.”
3. You have a following certificate to locate
Issued to: VeriSign Class 3 Public Primary Certification Authority – G5
Issued by: VeriSign Class 3 Public Primary Certification Authority – G5
Expiration Date: 7/16/2036
Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
4. Check, if this certificate is available then disable it.
5. To disable the available certificate, Right click the certificate.
6. Then select Properties.
7. Here click on Disable all purposes for this certificateoption, click on OK, and close the MMC.
Now after preparing the server for installation of an SSL certificate it is a time to install a certificate. To install a certificate in MS Exchange 2010 you have to use the Exchange Management Shell.
- First, copy your certificate, which you received in e-mail and save it as newcert.p7b to C:\ on your Exchange server. Always save your certificate with the extension of .txt or .p7b
- Paste the contents of the certificate in notepad. Keep in mind that it should carry five dashes to both side of the BEGIN CERTIFICATE and END CERTIFICATE and there is no white space, extra line breaks, or additional characters. For example:
- Now, Go to start> Programs>Microsoft Exchange 2010 > Exchange Management Console.
- Choose “Manage Databases,” and then select “Server configuration.”
- Select the certificate from the center menu, and select “Complete Pending Request” from the “Actions” menu.
- Browse for certificate file, then select Open, and click on Complete. (If any message stating “The source data is corrupted or not properly Base64 encoded.” kindly ignore it)
- To verify aninstallation of a right certificate, Press F5 button and if it shows FALSE it is a sign of proper installation. However, if it shows TRUE than you have to generate a new CSR on this Exchange server and replace the certificate.
- To permit the certificate, go back to the Exchange Management Console.
- Choose “Manage Databases,” and then select “Server configuration” and click on the link “Assign Services to Certificate.”
- Select the services for which the certificate must be allowed then click Next > Assign > Finish.
- Your certificate is ready to use.
ClickSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, ClickSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. ClickSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.