This document provides instructions for installing SSL Certificates into Exchange 2013. If unable to use these instructions for your server, Symantec recommends contacting Microsoft.
NOTE: To install a SSL certificate onto Microsoft Exchange 2013 using the Exchange Management Shell perform the steps located here.
|This solution contains two Methods to install your SSL Certificate:
Method 1: Installing the certificate received via e-mail.
Method 2: Installing the certificate downloaded from Managed PKI for SSL subscriber service page.
Method 1: Download and Install SSL certificate sent via e-mail
Step 1: Obtain the SSL certificate sent via email:
- Once your Managed PKI for SSL administrator has approved your Certificate request, you will receive an email
with the Certificate attached (cert.cer), as well as in the body of the email itself.
- Copy the SSL certificate and make sure to copy the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
header and footer. Ensure there are no white spaces, extra line breaks or additional characters.
- Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .txt
NOTE: If you selected Microsoft IIS 5.0 or above during enrollment, continue with the installation from here
- If you are not sure which server software was selected during the enrolment, proceed with Step 2 bellow.
Step 2: Download and Install the Intermediate CAs:
To download and install the Intermediate CAs follow the steps from this link: SO22016
Step 3: Install the SSL certificate:
To proceed with the installation steps for your SSL certificate click here
Method 2: Download and Install SSL certificate in PKCS#7 format
Step 1: Download the SSL certificate from Managed PKI for SSL subscriber services page:
Download the certificate from Managed PKI for SSL subscriber services page by following the steps from this link: SO6621
Make sure you download the certificate in PKCS#7 format and save it with the extension .txt or .p7b
Step 2: Install SSL Certificate
- Go to Start > Administrative Tools > Internet Information Services (IIS) Manager.
- From the left menu, click the corresponding server name.
- In the Features pane (middle pane), under Security, double-click Server Certificates.
- From the Actions pane (right pane), select Complete Certificate Request.
- Provide the location of the certificate file and a friendly name.
NOTE: The Friendly Name is a reference name for quick identification of the certificate for the Administrator.
Be sure that the Personal store is selected, then click OK.
Step 3: Bind services to your certificate using Exchange Admin Center:
- Use Internet Explorer to browse to the Exchange Admin Center located at https://localhost/ecp
- Login using your domain credentials.
- Select Servers.
- Select Certificates.
- Select your certificate.
- Select the Edit icon.
- Select Services.
- Select the services you want to secure with your certificate.
Step 4: Verify certificate installation:
- Verify your installation with the Symantec Installation Checker
- In some rare cases, a restart of IIS or a reboot of the server may be necessary in order for the changes to take affect.