How to renew an SSL Certificate that is used by an Exchange 2010 Server for IIS Services
Step 1 - Show existing Certificate
Open the Exchange Management Shell and enter the cmd Get-ExchangeCertificate | FL to show all the existing certificates. Note the NotAfter date that shows the expiry date.
Step 2 - DigiCert Portal
Login to the Digicert portal at www.digicert.com and then choose My Orders and find your SSL Certificate that is due to expire. Click on the order number on the left.
Step 3 - Renew Certificate
Scroll down the page and choose the Renew button.
Step 4 - Validity Period
Choose the Validity Period for the Certficate, confirm the Common Name is correct and then click the Optional I would like to provide my CSR and auto fill names now.
Step 5 - CSR
The CSR Window is displayed, choose the Server Software for the Certifciate and click on the Upload a CSR link.
Step 6 - CSR Creation Tool
Next click on the Exchange 2010 CSR Creation Tool.
Step 7 - Create CSR Command
Enter in the Certificate Details the correct Common Name, this is the primary domain name for the certificate, then enter any Subject Alternative Names (SAN) such as autodiscover below and the correc owner details. The CSR Powershell cmd is generated for you on the right hand pane. Copy this to the clipboard.
Step 8 - Generate the CSR in PowerShell
Paste the CSR Powershell cmd into your Exchange Server Powershell.
Step 9 - CSR Text File
Based on the location of the CSR file in your Powershell cmd, open the TXT file and copy the entire contents to the clipboard.
Step 10 - Enter CSR
Paste the CSR Text into the Digicert CSR Pane. Click Continue.
Step 11 - Continue Certificate Renew
You return to the Certificate Renew window. Click continue.
Step 12 - Organization Details
Confirm the correct Organization details and Contact Details are chosen.
Step 13 - Make Purchase
Enter your payment details and purchase the Certificate.
Step 14 - Order Processing
The order will now be processed.
No comments:
Post a Comment