Wednesday, August 21, 2013

How to Configure Exchange 2010 Self Certificate Part 3

  • Now open your Exchange 2010 Server EMC
  • Go to Server Configuration , make right click
  • Select "new Exchange Certificate"

clip_image001

Give it a name like,

Exchange 2010 CR Request

clip_image002

Click next

clip_image003

Now on this page let me elaborate bit more, in our scenario we won't have any access from internet so all configuration changes we will be doing are INTERNAL. That being said if this would be real time scenario the process would be the same as you would consider to use outside names to access these resources such as mail.YourCompnay.com or outlook.YourCompany.com

Internal Server names DO NOT NEED TO BE on the certificate normally , Unless you can think of some good reason.

We will use two name spaces

Mail.ztekzone.com and Webmail.ztekzone.com , in internal DNS servers we will add A records to point these resources

Any Exchange server we like. The purpose of having different name space is to keep control of internal mail related resources and segregate them from outside ( Different path, different HLB servers etc.)

clip_image004

clip_image005

The last option is Legacy , if you were to perform migration from legacy versions of Exchange servers this is what you would select here for the proper name space to be able to distinguish Exchange services and proxy them back to legacy servers in Co-Existence scenarios . ( you leave this blank if this is wont pertain to you)

clip_image006

Now on this page make sure your common name set it correctly

Fill out the blanks per your reference

clip_image007

clip_image008

clip_image009

clip_image010

Click Finish now you can see you have pending request

clip_image011

Here is our file

clip_image012

In Part 3 we will put all together

clip_image013

Here is OWA and SSL connection is established  with no  issues

clip_image014

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

1 comment:

Anonymous said...

Unless I'm just having a browser problem it looks like you might have copied Part 2 into Part 3. The section on what you do with the CR is missing.