Ask a Question

How to install a GeoTrust SSL certificate in Microsoft Exchange 2010

Solution

To install a GeoTrust SSL certificate on Microsoft Exchange 2010 server, perform the following steps:

Step 1: Obtain the GeoTrust Intermediate CA certificates.


b) Copy and paste the intermediate CA certificate into a Notepad and save as e,g "intermediateCA.txt"
 

Step 2: Create a Certificates Snap-in in the Microsoft Management Console (MMC):

  1. From the Web server, click Start
  2. In the Search programs and files field, type mmc
  3. From the Programs list, click mmc.exe
  4. At the permission prompt, click Yes
  5. From the Microsoft Management Console (MMC), click  File > Add/Remove Snap-in
  6. From the list of snap-ins, select Certificates
  7. Click Add
  8. Select Computer account
  9. Click Next
  10. Select Local computer (the computer this console is running on)
  11. Click Finish
  12. In the Add/Remove Snap-in window, click OK
  13. Save these console settings for future use
     

Step 3: Install the GeoTrust Intermediate CA certificate.

  1. Using the same Console, double-click on Intermediate Certification Authorities from the left pane
  2. Right-click on Certificates from the right pane and select All Tasks > Import to open the Certificate Import Wizard
  3. Click Next
  4. Specify the location of the GeoTrust intermediateCA.txt file obtained from Step 1 by clicking Browse
  5. Click Next
  6. By default, it will place the certificate in the Intermediate Certification Authorities store. Keep this selection and click on the Next button.
  7. Click Finish
  8. A message will appear confirming the successful import of the certificate. Click OK
     

 Step 4: Install the SSL certificate

GeoTrust will send the SSL certificate via email.

Copy the contents of the SSL certificate and paste it into a Notepad.

The text file should look like:
 
-----BEGIN CERTIFICATE-----
[encoded data]
-----END CERTIFICATE-----


Note: Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added. Save the file with the extension of .cer.

Or, download the certificate as per the instruction in the following solutions:


Installing the certificate with the Exchange Management Console:

  1. Start the Exchange Management Console: Start > Programs > Microsoft Exchange 2010 > Exchange Management Console
  2. Select "Manage Databases", and then select "Server configuration"
  3. Select the certificate from the center menu (listed by its Friendly Name), and then select "Complete Pending Request" from the "Actions" menu.
  4. Browse to the certificate file, then select Open > Complete

    Note: Occasionally Exchange 2010 will show an error message stating "The source data is corrupted or not properly Base64 encoded." Please ignore this error. Often times the installation is successful in spite of the error message.

    Press the F5 key to refresh the certificate and verify that it now says "False" under "Self Signed". If it still shows "True", the wrong certificate may have been selected or the request may have been generated on a different server. To resolve this issue, create a new CSR on this Exchange server and reissue the certificate.
     
  5. To enable the certificate, go back to the Exchange Management Console and click the link to "Assign Services to Certificate"
  6. Select the server from the list provided, then click Next
  7. Select the services for which the certificate must be enabled then click Next > Assign > Finish

    The certificate is now Installed and enabled for use with Exchange.