Friday, July 24, 2009

Exchange 2007 SSL

Install certificate service and the web forms that go with it

Ensure that default.asp is included in the default documents for the /certsrv IIS folder

Ensure that anonymous login is turned off for /certsrv

Make sure you run IE as an admin otherwise some of the options (such as Web Server) don't appear

Personally I like certificate services in manual approval mode

New-ExchangeCertificate -generaterequest -subjectname "dc=local,dc=cqd,o=CodeQuest,cn=cqsrv2.cqd.local" -domainname cqsrv2.cqd.local,cqdsrv2,autodiscover.cqd.local,webmail.codequest.co.uk -PrivateKeyExportable $true -path c:\cqsrv2.request.txt

Open the request in notepad and copy and paste it into the certsrv webpage

Choose advance option and in the drop down pick "Web Server" - if it's not there then you're not authenticated as a domain admin.

Once requested go into Certificate Authority MMC and approve the pending request

Save the request as c:\cqsrv2.response.cer

Import-ExchangeCertificate -Path C:\cqsrv2.response.cer | Enable-ExchangeCertificate -Services IIS

voila!

No comments: