This guide will walk you through the process of generating a Certificate Signing Request (CSR) in Exchange 2013 using the tools accessible through a web browser. In this example, we’ll generate the CSR on the server named “MAIL” for the domains mail.ncssltest.info, ncssltest.infoនិង autodiscover.ncssltest.info.
How to CSR Generation in Exchange 2013 EAC
During the setup of your Exchange server, it’s common to specify the same subdomain “mail” for most services like OWA (Outlook Web Access) or OAB (Offline Address Book). For Autodiscover services, the subdomain “autodiscover” is typically used, and Outlook Anywhere is often accessible via the subdomain “oa”.
The Certificate Signing Request can be generated in the Exchange Administration Center.
ជំហានទី 1
First, open your Exchange Administration Center in the web browser (usually done via https://localhost/ecp) and navigate to ម៉ាស៊ីនបម្រើ >> វិញ្ញាបនប័ត្រ. Then click on the “+” button to open the Exchange certificate wizard.
ជំហានទី 2
ជ្រើស Create a request for a certificate from a certification authority ហើយចុចបន្ទាប់។
ជំហានទី 3
Give your certificate a ឈ្មោះមិត្តភាព and click Next to continue. The friendly name is created for the server administrator to identify the certificate later. It is not the ឈ្មោះដែនត្រឹមត្រូវ name itself.
ជំហានទី 4
In the next step, you will be given the option to create a CSR for a ជំនួស domain. Although Wildcard certificates are accepted and supported by Exchange 2013, they are not recommended as they may be not compliant with other server products which do not support them. If you are using a multi-domain (aka other names – SAN or UCC) certificate, you can skip this step by clicking បន្ទាប់.
ជំហានទី 5
ចុច រកមើល ហើយជ្រើសយក Exchange server where the pending CSR will be stored on, then click បន្ទាប់.
ជំហានទី 6
ពីបញ្ជីជ្រើសយក ។ to be secured with the certificate using Ctrl+Click. The step should be omitted for Wildcard certificates.
ជំហានទី 7
On the next screen, you can review the បញ្ជី of domains/subdomains which will be included in your certificate. If different services are using the same subdomain, it will be shown in the list only once. Extra domains can be added using the “+” button if needed.
ចំណាំ: The server internal name is added to the list by the server. Various other names may also appear, depending on how the previous step was completed. Due to the restrictions of CA/Browser forum, the Certificate Authorities do not issue certificates for internal/local domain names. Remove the internal domain name from the list using the “-” button.
ជំហានទី 8
After the list of names has been reviewed and edited according to your preferences, click បន្ទាប់.
ជំហានទី 9
In this step, you will fill in the អង្គការ details. Short descriptions of these fields are listed below:
- ឈ្មោះអង្គការ: the name of your company. If the certificate is not being used for a company or organization, you may enter “NA”. In most cases, domain-validated certificates are sufficient for the Exchange server so this will not cause any issues.
- Department name: the department within your organization. “NA” can be also used here if there is no department in your company.
- Country/Region name: select your country from the drop-down list. This field refers to the country in which your domain is registered/operating.
- City/Locality: the full name of your city.
- រដ្ឋ / ខេត្ត: the full name of your state or province. You may re-enter the city name if there are no states or other regional identifiers in your country.
ចំណាំ: All fields should contain only អក្សរក្រមលេខ symbols (A-Z, a-z, 0-9); special characters (“&”, “/”, “^”, “â”, etc.) are not allowed.
ជំហានទី 10
បញ្ចូល ផ្លូវ to the folder on your computer in which the CSR will be saved. In this example, the file will be saved in the “certs” folder on the disk C://. ចំណាំ: the destination folder should be created in advance. The system offers to save the file with .req extensions, however you will need only its text, so you are free to use .txt extension.
ជំហានទី 11
បន្ទាប់ពីចុច។ បញ្ចប់អ្នកនឹងឃើញរបស់អ្នក។ មិនទាន់សម្រេច certificate request in the Certificates menu.
ជំហានទី 12
The file can then be found in your computer using the path that was specified in the step 10. Please use the whole text (including Begin and End headers) for certificate ការធ្វើឱ្យសកម្ម.
ជំហានទី 13
After the certificate is issued by the Certificate Authority, you will be able to install it using ការណែនាំនេះ.