Documente Academic
Documente Profesional
Documente Cultură
• Assigning on Test Machine to see Certificate authority is working for Outlook Web Access
Step 1:
You need to have this role installed to have a Certificate Authority
Step 2:
Choose : Active Directory Certificate Services
Choose Next
• Certification Authority
Choose Next
Choose
• Certificate Authority
Let us see how to Request a Create a Simple Cert from Internal Certificate Authority
Step 10:
Browse http://localhost/certsrv/
You would see a page below like this , Choose “Request a Certificate”
Step 11 –
Click on Advanced Certificate Request
Step 12:
Choose the Second one
Submit a certificate request by using a base-64-Encoded CMC
Step 13:
Now Copy the Note pad Certificate Request Data – You have to generate a Certificate Request from the
application. For example how we are doing in exchange server
http://www.careexchange.in/how-to-create-an-ssl-certificate-request-for-exchange-server-2013/
Or you can use https://www.digicert.com/util/
Example – Data Should be like below –
Step 14:
Choose “Base 64 encoded”
Download Certificate
Step 15:
Save the Certificate – should be .cer extension
Copied my Request .CER File generated from CA to the Exchange and using it.
Shows Certificate Invalid.
3 – Computer Account
4 – Local Computer
Make sure you Assign the Certificate for IIS in Exchange Control Panel.
Now you can see things are fine locally on Exchange 2016 server –
– Lets see how we can use on Desktop
First Login to Exchange Server MMC and Export the Certificate with all the certificate path into a PFX file.
Note : The desktop doesn’t need the private keys from any certificate in the chain.
Having the private key gives the ability to decrypt all the traffic between the client and the server even if
that traffic is coming from someone else. It also makes a man in the middle attack on this SSL connection
possible.
On 2 : For End user desktops – Choose do no export private key and use that certificate for import.
Now we have the PFX File Exported.
Share