We will configure Exchange 2010 Self Certificate to be used in our LAB , the LAB Environment we will be performing several tasks , including configuring your own certificate authority and creating CR from exchange 2010 servers are part of our goal on this article.
We will at the end install the local certificate and I will show you how to import that into your own laptops etc. to avoid seeing certificate is not trusted warning. The steps you would do are same if you were the AD engineer to manage internal CA authority for your internal usage.
- Windows 2008 R2 Forest/Domain
- DC1 ( Domain Controller, Certificate authority server)
- E1 ( Exchange 2010 , Multi Role DAG member)
- E2 ( Exchange 2010 , Multi Role DAG member)
- Windows 7 Workstation ( Domain member)
Working Steps:
- Install Certificate authority on the Domain Controller for your domain
Open Server manager, by typing Servermanager.msc
Roles, add roles,
Select Active Directory Certificate Services
Click Next
When it is asked select add required roles and click next when you ready
Enterprise
Root CA
Create a new Private key
Click next ( don’t need to change anything here)
Click next
Click next ( 5 years is good enough normally adjust if you like )
Click next ( pay attention here where will have the databases) if this was production implementation you would certainly
Take a note of this directory
Next
Next
Finally Install
Now open IIS on the same ( server) click start and type "Inetmgr " hit enter.
Expand default website and locate directory called " CerSrv" on the right pane, click on "Browse"
Now you may want to add this into Bookmark of your browser
Part 2 we will generate certificate request from Exchange 2010 servers
Respectfully,
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
No comments:
Post a Comment