Whether you are having multi domain SSL, single domain SSL or EV SSL, all these can be installed on exchange server versions (2003,2007,2010,2013,2016). However, many of you may not be aware of SSL installation process on exchange server. So, we here try to focus on installation process. But before going further, we need to take overview of exchange server.
About Exchange Server:
Exchange server plays an important part in your daily life as it handles official appointments, email confidentiality, reduce the cost of communication, customer satisfaction, etc. Also, it provides unified experience to users also multiple calendar and meeting schedule feature. It also lessens the time spend on managing messaging system. Even, employees, team members can access it remotely to make their communication effective and gain rapid growth.
To this date, there are many versions out there of Exchange servers like Exchange server 2000, 2003, 2007, 2010, 2013, 2016, etc.
Microsoft exchange server can only be deployed on windows server OS and available in the form of SaaS.
Microsoft Exchange server contains some components to offer flawless service properly like information store, system attendant, SMTP, Active Directory.
ActiveSync: It is a client protocol that synchronize a mobile device to use exchange mailbox.
Autodiscover: Outlook fetches configure information for connected servers with this feature.
Outlook Web Access/App: It is a personal information manager web app.
Outlook Anywhere: It allows users to access corporate email and calendar over the web.
Now, coming to the necessity of SSL security for exchange server as there are a reason to have SSL certificate on exchange server.
When a server exchange information, it simply travels in a plain text and MS exchange has plenty services like Auto-Discover, Mailbox, Outlook App, POP3, SMTP, ActiveSync. So, it is necessary to encrypt the communication takes place within enterprise across these services. In order to secure this communication, SSL is required.
Install SSL certificate on Exchange 2010
When you think of installation of SSL certificate on exchange server, you need to follow specific process including generate CSR. Exchange server as you may know is a combination of email, calendar, contact, schedule services provided by Microsoft platform.
When you wish to generate CSR, then it should be created on the server only on which you wish to install an SSL certificate. You will have an automated private key generating when you create CSR on server. So, let us dive into the process of generating CSR on exchange server 2010.
Note: Below Exchange server versions are obsolete
1. Exchange Server 4.0
2. Exchange Server 5.5
3. Exchange Server 2000
4. Exchange Server 2003
Generate CSR on Exchange Server 2010:
- Browse Exchange Management Console by navigating Start → Programs → Microsoft Exchange 2010.
- In Exchange Management Console, you need to click on Microsoft Exchange On-Premise and then click on Server Configuration in menu seen on the left side.
- Under the Actions menu, click on New Exchange Certificate there you need to put a friendly name for the certificate. Then click on Next button.
- Now, you need to specify domain name that you wish to protect. (For wildcard certificate, specify name for example *.domain.com) then click on Next button.
- You need to select desired service based on server and domain name, then click on Next button.
- You will have window that shows overview of the desired domain names. Click on Next button.
- You have now window where you need to enter organization details and click on Browse button where you want to save the CSR. At last, click on Next button.
- Finally, you will have summary of CSR details, then click on New and at last click on Finish button to get the CSR.
- Please copy the content of a CSR from —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—–.
Install SSL certificate on Exchange 2010
After generating CSR, you need to provide it to SSL provider and complete configure process. Once you complete configure process and get your certificate in zip file. Once you have zip file, you need to copy the certificate in a plain text editor (Notepad) and save it with. p7b extension.
- Open Exchange Management Console by browsing Start > Programs > Microsoft Exchange 2010 > Exchange Management Console.
- Now, select Manage Database and select Server Configuration.
- In center of the window, you need to choose the certificate shown by friendly name. After that, on the right side of the window, click on Complete Pending Request under Action menu.
- Browse the certificate file and select Open>Complete.
Enable SSL Certificate
- Go back to Exchange Management Console, choose “Manage Database” and select “Server Configuration” and click on link on right side naming “Assign Services to Certificate”
- Now, choose the service that you wish to enable for the certificate.
- At last, click on Next>Assign>Finish.
Your Exchange SSL server certificate is now installed and ready to use for Exchange 2010.