The Exchange Management Shell offers a command-line interface for Exchange Server 2013. In essence, every action performed in the Exchange Administration Center (EAC) is executed by the Shell in the background.
Both the Exchange Administration Center (EAC) and the command line can be used to generate the Certificate Signing Request (CSR). This article focuses on explaining the commands required to create the CSR for the primary domain mail.ncssltest.info and an additional domain autodiscover.ncsstest.info using the Exchange Shell.
How to Generating a CSR in Exchange 2013 Shell
FURTHER READING: |
| 1. CSR Generation in Exchange 2013 EAC (Exchange Administration Center) |
| 2. Creating a CSR in Exchange 2010 |
| 3. How to Generate a CSR on Apache + OpenSSL/ModSSL/Nginx + Heroku |
Step 1
To begin, open the Exchange Management Shell and enter the following command:
New-ExchangeCertificate -GenerateRequest -RequestFile “path_to_csr.txt” -FriendlyName “friendly_name” -SubjectName “c=Country,s=State,l=Locality,o=Organization,ou=Organizational_Unit,cn=Common_Name” -DomainName additional.domain.com -PrivateKeyExportable $true
Leverage 1Byte’s strong cloud computing expertise to boost your business in a big way
1Byte provides complete domain registration services that include dedicated support staff, educated customer care, reasonable costs, as well as a domain price search tool.
Elevate your online security with 1Byte's SSL Service. Unparalleled protection, seamless integration, and peace of mind for your digital journey.
No matter the cloud server package you pick, you can rely on 1Byte for dependability, privacy, security, and a stress-free experience that is essential for successful businesses.
Choosing us as your shared hosting provider allows you to get excellent value for your money while enjoying the same level of quality and functionality as more expensive options.
Through highly flexible programs, 1Byte's cutting-edge cloud hosting gives great solutions to small and medium-sized businesses faster, more securely, and at reduced costs.
Stay ahead of the competition with 1Byte's innovative WordPress hosting services. Our feature-rich plans and unmatched reliability ensure your website stands out and delivers an unforgettable user experience.
As an official AWS Partner, one of our primary responsibilities is to assist businesses in modernizing their operations and make the most of their journeys to the cloud with AWS.
Step 2
Here is a short description of the commands:
- RequestFile: the path to the folder where the .txt or .req file with the text of the CSR will be stored. In our example, we saved the file to the disc C://, folder “certs”.
- FriendlyName: this field is used by the server administrator to identify the CSR later.
- SubjectName: these details will be checked by the Certificate Authority before CSR issuance.
- Country: two-digit code of the country your domain is operating/registered in. You can check the ISO 3166-2 code for your country here or here.
- State: the full name of the state/province/region inside the country. If there are no states or regions in your country, you can use the city name in this field.
- Locality: the full name of the city.
- Organization: the full registered name of your organization. You can enter NA here if you do not have a company, as Certificate Authorities do not verify the company for domain-validated (DV) certificates. Usually, it is enough to use the domain-validated certificate to secure Exchange services.
- Organizational Unit: the name of the department inside the company. If there is no department in your company, you may enter NA.
- Common Name: the domain name you need to secure. This will become the primary domain of your multi-domain certificate.
- DomainName: any additional domain(s) which will take one of the slots in your certifiacate.
- PrivateKeyExportable $true: this part of the command means that you allow to export the private key from the server. It should be used if you are going to export the certificate later and install it on the other server. Using “$false” here or excluding this part from the command will not allow the private key to be exported and will cause issues with using the certificate on other servers.
Note: use only alphanumeric letters and digits and avoid using any special characters like “/”, “&”, “å”, etc.
The file is stored on your computer in the folder you specified in the “-RequestFile” command. You may now activate your certificate using the CSR text. Remember that it is necessary to use the whole text, including Begin and End lines.
After the certificate is issued by the Certificate Authority, use this guide for installation.
English
Khmer
Thai
Vietnamese