Knowledge Base
Certificate Signing Request (CSR) on Microsoft Exchange 2007 (powershell)
Creating a CSR on Exchange 2007 (PowerShell)
In order to create a CSR on Exchange 2007, you must use the New Exchange Certificate cmdlet which can be used from the Exchange Management Shell (EMS)
Note: Exchange Management Shell:
- Click Start
- click Programs
- and then click Microsoft Exchange Server 2007
- Then click Exchange Management Shell.
- The 'Generate Request' parameter for this cmdlet will create the CSR, as a PKCS#10 file which we will then use to create your certificate.
- The 'Subject Name' parameter contains the details that are signed into the certificate.
- The 'CN' parameter is the Primary Domain Name (Please use a fully qualified domain name[FQDN]), and should also be entered into the order form.
- An example command to generate a request would be:
New: Exchange Certificate ==>Generate Request ==>Subject Name
Country=GB,
Organization=Some Company
Common Name=exchange.example.net
Key Size= 2048
Path= c:\\exchange.example.net.req
- The resulting 'exchange.comodo.com.req' file can be opened in Notepad or similar text-editor and pasted into the order form.
Note: If you plan on exporting your certificate from your server or making a backup of this you will need to use the below command to enable this
New: Exchange Certificate==>Generate Request ==>Subject Name
Country=GB
Organization=Some Company
Common Name=exchange.example.net
Key Size =2048
Path= c:\\exchange.example.net.req
Private Key Exportable= $true
Note: This is the bare minimum that we require for UCC CSR's.
- Adding extra flags to the above command(s) may not have the intended result.
- We do not need the other domains included in the CSR.
- There are places for them on the UCC order form.
- To include them in the CSR use the following command.
New: Exchange Certificate ==>Generate Request==>Subject Name
Country=GB
Organization=Some Company
Common Name=exchange.example.net
Key Size= 2048
Domain Name: server1, imap.server1.com, exchange.example.net, pop.server1.com
Path= c:\\exchange.example.net.req
Private Key Exportable= $true
Important:
To access Exchange Management Shell cmdlets, you must load the Exchange Management Shell from the Microsoft Exchange Server 2007 program menu.