This document provides instructions for generating a Certificate Signing Request (CSR) for Exchange 2013. If you are unable to use these instructions for your server, Thawte recommends that you contact Microsoft.
Note: To generate a CSR for Microsoft Exchange 2013 using the Exchange Management Shell (command line) please follow the instructions located here.
To generate a CSR for Microsoft Exchange 2013 using IIS perform the following steps:
- Start IIS by selecting Tools > Internet Information Services (IIS) Manager
- Select Server Certificates
- Select Create Certificate Request on the right side
- Complete in full all the required fields in the new page that will appear.
Common Name: The Fully Qualified Domain Name that the certificate will be issued to and secure.
Organization: The Registered Organizational Name the certificate belongs to.
Organizational Unit: The Department within the Organization
City/locality: The Business registered location (not the actual server location)
State/province: The Business registered state or province (do not abbreviate)
Country/region: The two letter country code
- Select Next
- Select 2048 from the Bit Length: drop down list.
- Select Next
- Specify the file name and location for the certificate request file
- Select Finish
- Open the saved text file and when requesting a certificate, be sure to include the header and footer:
-----BEGIN NEW CERTIFICATE REQUEST-----
-----END NEW CERTIFICATE REQUEST-----