So, I've been battling an Exchange 2007 install all night trying to get the SSL cert from GoDaddy working correctly. After a whole bunch of work and digging into my apparently shallow memory, the Powershell commands started to flow a little. Here are the steps that I followed to get this thing functional. Hope this helps.
- Make a bag of popcorn and grab a beer.
- Get used to the cmdlets available in PowerShell :)
- The first one that will be used is for the certificate request, New-ExchangeCertificate (everything in Bold and Italics is customizable).
- You will take the output of the last command and complete your request with your SSL provider.
- You will likely get a .crt or a .cer certificate from your SSL provider.
- Jump back in to PowerShell and execute the Import-ExchangeCertificate cmdlet. Make sure you copy the thumbprint that was displayed after the command was executed.
- After you've imported the cert, you now need to enable it with the Enable-ExchangeCertificate cmdlet. Using this command will update the cert mapping and replace the self-signed cert installed by default. With the -services switch, just list the services you intend to offer.
- You can validate the certificate is installed along with it's thumbprint with the Get-ExchangeCertificate cmdlet
| New-ExchangeCertificate | New-ExchangeCertificate -DomainName mail.yourdomainname.com -GenerateRequest:$True -Keysize 1024 -path c:\mycertreq.req -privatekeyExportable:$true -subjectName "c=us, o=Your Name, CN=yourdomainname.com" |
| Import-ExchangeCertificate | Import-ExchangeCertificate -Path c:\mycert.crt |
| Enable-ExchangeCertificate | Enable-ExchangeCertificate -Thumbprint [copy and paste thumbprint] -services IIS, POP, IMAP, SMTP |
No comments:
Post a Comment