To generate a CSR code in Exchange 2013, you can use Exchange Administration Center accessible through a browser.
In this article, we will generate a CSR code for the domains mail.ssltest.info, ssltest.info and autodiscover.ssltest.info.
The following steps describe the CSR generation in the administration panel.
- Open Exchange Administration Center in a browser via https://localhost/ecp and select Servers, then click on Certificates. To open a “new Exchange certificate” wizard, click on the “+” symbol:
- Select "Create a request for a certificate from a certification authority" and click Next:
- At the next step, enter a Friendly name for your certificate that you will remember in the future. The Friendly name is rather an identifier for you. It is recommended entering your domain name as a friendly name in order not to get confused:
- If you are generating a CSR code for a Wildcard certificate, check the box and specify the base domain name. The common name for all Wildcard certificates has to be entered with an asterisk in front of the domain (*.example.com). If you are generating a CSR code for a multi-domain certificate, just leave the box unchecked and proceed to the next step.
- Click on the Browse button and choose the server where your pending CSR request will be stored and after that, click Next:
- From the list, choose the services that you would like to secure with the certificate using Ctrl+Click.
*Important* This step will be skipped if you are using a Wildcard certificate.
- At the next step, there will be a list of domains and subdomains which can be included if you have a multi-domain certificate. You can also add any additional names by using the “+” button.
*Important* The server’s name (in our case, it is “mail”) will be added to this list as well. Other different names might also be present in the list. It usually depends on how you completed the previous step. Review all the names and remove the unwanted ones by using the “-” button:
- Once the list contains all the needed names, click on the Next button.
- Fill in the organization details:
Organization name is your company name. If you do not have one, you may use “NA” in this field. This case is applicable when you have a domain-validated SSL certificate.
Department name is the department within your organization. You can also use “NA” for this field.
Country/Region name: choose your country from the drop-down list.
City/Locality has to be chosen from the drop-down list as well.
State/Province has to be the full name of your state/province. If there is no state/province, you may enter your city name.
*Important* Please make sure you use only alphanumeric characters. Special symbols or letters in the native language (! @ # $ % ^ ( ) ~ ? > etc.) are not allowed when filling in the information.
- At the next step, you need to enter a path to the existing folder on your computer. The CSR code will be saved to this folder.
*Important* The CSR code will be saved with .req extensions by default. However, you can rename it with a .txt extension.
- Click on the Finish button. Your pending certificate request will be displayed in the Certificates menu.
- Now you can open the CSR code on your computer with any text editor. Make sure you use the whole code with the header and footer (Begin and End certificate request).
Once the CSR code is generated, you can copy and paste it into the corresponding box during the SSL activation process. Please make sure that the lines ‘-----BEGIN/END CERTIFICATE REQUEST-----’ are included as well.