Wednesday, December 30, 2009

Free SSL Certificate for your Exchange 2010 server

Sounds too good to be true, but… it is. I was doing some research on Public Certificate issuer (after all, I am running all this from home and am on budget as well) and found They offer all Validation Levels certificates and the lowest, Class 1, is free – a perfect scenario to test your Exchange and (hopefully) OCS public connectivity environment. Here is the comparison chart for their services:

I found that the free edition does not support SAN and so, you might need another cert. for autodiscover.your_domain but… not a big deal. Class 2 and above will do it and can’t beat their prices… I will seriously reconsider changing over when our production cert. expires.

Here are the steps to provision your Exchange Server with SSL certificate.

***Windows Explorer 7 will NOT work. Save yourself time and frustration, get Firefox to complete this task…

Go to this link:

Click on Sign-Up button
Fill in the form…

…and click Continue. An email with validation code will be sent to the email address you’ve used on the form. Enter it and continue. You will be taken to your toolbox.

First thing to do here is to verify your domain – click Check DNS of Domain link. Enter your domain name and TLD, and click Check. Another validation email will follow – you know the drill. Once your domain is verified, it will appear here:

Now it is time to create your Exchange 2010 CSR (Certificate Signing Request). Go to your Exchange server, start EMC and go to Server Configuration. Click New Exchange Certificate on right pane. Give it a name first:

Do not enable Wild Card – we cannot issue it any way.

Because we want (and can only) test some basic functionality, not all options will be used here:

On the next screen you will see some SAN’s but… StartSSL free edition will disregard it any way…

On the next screen you need to enter some info (again – it will be disregarded) and also a location – where the CSR will be saved. In this case – c:\NewReq.req

Click “Next” on the last screen and the request will be processed.

Locate .req file, open it with text editor and copy the text.

The next step will be to submit the CSR to StartSSL for digital signing. Go back to your StarSSl’s Control Panel, click “Certificate Wizard” and select “Web Server SSL…” from the drop down menu.

Click Continue.

***Make sure you click “Skip” button (since we generated the key on our exchange server).

On the next screen paste the text we copied from the .req file.

…and click Continue. Once the certificate is signed, you will receive an email with instructions now to retrieve it.
Go to the Toolbox, Click “Retrieve Certificate” link, select your certificate from the drop down menu and click Continue.

Copy the text in the box – this is your certificate.

Go to your Exchange server, create new text file name it MyCert or so, paste the text and save it. ***NOTE. Change the file extension to .cer to avoid confusion later.

Before we proceed with the Certificate import, there is one more step – we must import the StartSSL Root CA to our Exchange server. Go to your StarCom’s Toolbox and click StartCom CA Certificates link. You will be presented with this screen:

You need to save “Server Certificate Bundle with CRLs (PEM encoded)” to a location accessible from your exchange server. Go back to your exchange server, locate the file “ca-bundle.cer” if you used the default name, right click over it and select Install Certificate. Accept the default settings.

Once the Root CA is installed, we can now complete the Certificate Request. On EMC, highlight the Request you created earlier (this where the Friendly name comes handy), and click Complete Pending Request on the right pane.

Complete the steps in the wizard (you will have to select the .cer file you created earlier), assign the services associated with this certificate and… I restarted the server just in case…
It worked:


«Oldest   ‹Older   201 – 210 of 210
Anonymous said...

Japanese Emoticons Free: Cute Kaomoji and Emoji for iOS to experience the world of Japanese emoticons with the free version of the best site

Haryana daily updates said...

Do you know ABCMIT institute offers the best
mobile repairing course in Delhi? Demo lessons are available to our students. please call 9540438438.

Sasural Simar ka Today episode said...

Watch online Sasural Simar Ka Season full all episodes HD video streaming live MX player, Desi Serial and Apne TV Free. said...

Sasural Simar Ka 2 Watch Online is an Indian Hindi-language Supernatural television series that premiered on 26 April 2021 on Colors TV. It is a spiritual sequel to the

Haryana daily updates said...

Do you require further details regarding the ac repairing course? Visit and enrol in a trial class at our ABCMIT training facility. We provide career-oriented training in mobile repair, hardware, and software to help you advance your technological knowledge and abilities. We pledge to do all in our power to help you find work. If you like to call us for more details, our number is 9540438438.

Woh Toh Hai Albela Online High Quality Episode said...

Hi I found here very Good Information thanks so much for sharing
Pandya Store 3rd December 2022 Episode 597

aztani monda said...

Watch Here All The Most Popular TamilDhool Serials
Free Downloads & Watch Latest Tamildhool Tv Show's Free.

Tamildhool Watch Live

jaatmonu said...

If you're interested in a Mobile Repairing Course in Laxmi Nagar Delhi, come to our ABCMIT training facility. Attendees in a sample lesson are learners. Our advice will help you get more technical understanding and skills. The training facility at ABCMIT has a lot of knowledge regarding this subject. This programme has a bright future. We are fully committed to helping you find employment. Call 9540438438 if you'd like to learn more about us.

Anupama said...

Watch Anupama Full Episodes Apne Tv Anupama Yo Desi Live
Stream Online HD Anupama Kal Wala Episodes Downloads

Profreekey said...

Bluestacks have many of fresh qualities were similar include to this app. Note some app and application could brilliant than this.
blueStacks crack

«Oldest ‹Older   201 – 210 of 210   Newer› Newest»