Ask a Question

How to generate Certificate Signing Request (CSR) for Microsoft Exchange 2010

Problem

This document provides instructions for generating a Certificate Signing Request (CSR) for Microsoft Exchange 2010 Server.  If you are not able to use these instructions for your server, GeoTrust recommends you to contact the server vendor.

Solution

To create your CSR using the New Exchange Certificate Wizard, follow the below steps:

  1. Open the Exchange Management Console by going to Start > Programs > Microsoft Exchange 2010 > Exchange Management Console.
  2. Select "Manage Databases"


     
  3. Select "Server Configuration" in the left menu, and then "New Exchange Certificate" from the actions menu on the right.
  4. When prompted for a friendly name, enter a name by which you can easily remember and identify this certificate. This name is used for identification only and does not form part of the CSR.
  5. Under Domain Scope, you can check the box if you will be generating the CSR for a wildcard. Otherwise, leave the option to Enable wildcard certificate unchecked and click Next. If you do select that box for a wildcard, move to step 7.
  6. In the Exchange Configuration menu, select the services that will be secured, and enter the names through which you connect to those services.
  7. At the next screen, you will be able to review a list of the names which Exchange 2010 suggests you include in your certificate request.
    Your Organization should be the full legal name of your company as officially registered
    Your Organization unit is your department within the organization responsible for SSL
    If you do not have a state/province, enter the city information again.


     
  8. Click "Browse" to save the CSR to your computer as a .req file, then Save, then Next, then New, and then Finish.
  9. You will now be able to open the CSR with notepad. Copy everything from the first - of the BEGIN line right through to the last - of the END line into the online order form.