Applying SSL Certificate to Exchange 2007 server

For Microsoft Windows Small Business Server 2008 and for Microsoft Exchange Server 2007
"stand-alone" implementations there is a definite need for certificate installation and configuration.
IIS7 works much differently than IIS6 and Exchange 2007 is night and day to Exchange 2003. So, naturally the process for getting a SSL certificate generated from IIS and then applied to the server as the "default certificate" for the server is a bit foreign for most.
 
After you have generated a certificate for your client's mail server. Either mail.companyname.com or webmail.companyname.com being the most used certificate names out there for e-mail servers, choose which one you want.
 
Get the certificate from Thawte, DigiCert or others.
 
Complete the Certificate request.
 
Once the certificate is loaded on the server the system needs to acquire the certificate from the "get-Exchangecertificate" command with the Exchange PowerShell.
 
You type in Get-ExchangeCertificate from the console.
If comes back and gives you a listing of 6-7 certificates including system generated certificates
 
So here is the listing of certificates that are on the system.
 
You need to make the webmail certificate the primary for all.
To do this from the Exchange Powershell type in the following command:
 
enable-exchangecertificate -Services IMAP, POP, IIS, SMTP -thumbprint <ThumbprintID>
 
You can see the thumbprint is identical to the webmail certificate on the system. By typing in this command we're making that certificate the primary.
 
You will see "Overwrite Existing Certificate" click on "Yes to all"
 
Once it is done, reset IIS.
 
At this time the server should allow access to https://webmail.companyname.com
 
If there is a certificate error when you go there, we will need to go into IIS and change the HTTTP redirect to /OWA on the SBS Web Applications website.
 
Once it is changed, reset iis. go to a command prompt and type in IISRESET and hit enter.
 
From there, on a external computer to the network you are accessing, go to https://webmail.companyname.com
 
You should be ok. You should not get certificate error.

‹ Trend Micro Server Console Password lost Exchange 2007 Scripts ›

 
  

          Home| About Us | Services | Partners | Support | Contact Us

                                      Computer Store | Home Solutions

 
 
                  All Rights Reserved – Doman Networking Services Inc. ™

Share/Bookmark