User s guide. Exchange 2007 SSL/TLS configuration on Exchange 2007 Server version 1.0 UNIZETO TECHNOLOGIES S.A.



Similar documents
Deploying SSL Certificates on MS Exchange and EMC

Microsoft Exchange 2010 and 2007

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Load Balancing Exchange 2007 Client Access Servers using Windows Network Load- Balancing Technology

e-cert (Server) User Guide For Microsoft IIS 7.0

Using LDAP Authentication in a PowerCenter Domain

Enable SSL for Apollo 2015

SSL Installing your new Certificate

Configure Single Sign on Between Domino and WPS

IIS 6.0SSL Certificate Deployment Guide

Wavecrest Certificate

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

ProSystem fx Document

Digital Signature How to install Digital signature for Windows XP/ Windows7-32bit/ Windows7-64bit over the system

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Changing Passwords in Cisco Unity 8.x

SAS 9.3 Foundation for Microsoft Windows

Browser-based Support Console

Administrator s Upgrade Guide.

SARANGSoft WinBackup Business v2.5 Client Installation Guide

ContentWatch Auto Deployment Tool

Setting Up SSL on IIS6 for MEGA Advisor

APNS Certificate generating and installation

How to Order and Install Odette Certificates. Odette CA Help File and User Manual

Configuring SSL in OBIEE 11g

How to Order and Install Odette Certificates. Odette CA Help File and User Manual

Installing and Configuring a Server Certificate for use by MailSite Fusion with TLS/SSL A guide for MailSite Administrators

Configuring the Samsung SDS CellWe EMM cloud connector

Configuring Thunderbird for Flinders Mail at home.

NetWrix Password Manager. Quick Start Guide

Microsoft IIS 4 Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Generating an Apple Enterprise MDM Certificate

CONSOLEWORKS WINDOWS EVENT FORWARDER START-UP GUIDE

Erado Archiving & Setup Instruction Microsoft Exchange 2007 Push Journaling

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

How to Order and Install Odette Certificates. Odette CA Help File and User Manual

Windows Intune Walkthrough: Windows Phone 8 Management

TECHNICAL NOTE Stormshield Network Firewall AUTOMATIC BACKUPS. Document version: 1.0 Reference: snentno_autobackup

WhatsUp Gold v16.1 Installation and Configuration Guide

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

e-cert (Server) User Guide For Microsoft Exchange Server 2010

Secret Server Installation Windows Server 2008 R2

DriveLock Quick Start Guide

Exchange 2010 PKI Configuration Guide

Configuring a Windows 2003 Server for IAS

NSi Mobile Installation Guide. Version 6.2

FileCruiser. VA2600 SR1 Quick Configuration Guide

ADFS Integration Guidelines

Windows Server 2003 Logon Scripts Paul Flynn

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

Install SQL Server 2014 Express Edition

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

How To Install The Snow Active Directory Discovery Service On Windows (Windows) (Windows 7) (Powerbook) (For Windows) (Amd64) (Apple) (Macintosh) (Netbook) And (Windows

ACTIVE DIRECTORY DEPLOYMENT

Installation and Configuration Guide

EMR Link Server Interface Installation

safend a w a v e s y s t e m s c o m p a n y

MICROSTRATEGY 9.3 Supplement Files Setup Transaction Services for Dashboard and App Developers

Richmond Systems. SupportDesk Web Interfaces - Quick Start Guide

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

BitLocker/Active Directory Encryption Procedure Department: Information Security Office Version: 1.0 Last Revised: 09/26/2011

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

SysPatrol - Server Security Monitor

QUANTIFY INSTALLATION GUIDE

Interact for Microsoft Office

BusinessLink Software Support

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

INSTALLATION INSTRUCTIONS FOR UKSSOGATEWAY

Configure Microsoft Dynamics AX Connector for Mobile Applications

Instructions for Configuring a SAS Metadata Server for Use with JMP Clinical

Setting Up Peak Performance Group Policies

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Basic Exchange Setup Guide

Introduction. Before you begin. Installing efax from our CD-ROM. Installing efax after downloading from the internet

ECA IIS Instructions. January 2005

Dell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com

O Reilly Media, Inc. 3/2/2007

System Administration Training Guide. S100 Installation and Site Management

Sophos Mobile Control Installation guide. Product version: 3

etoken Enterprise For: SSL SSL with etoken

Secret Server Installation Windows 8 / 8.1 and Windows Server 2012 / R2

Joining. Domain. Windows XP Pro

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Document Classification: Public Document Name: SAPO Trust Centre - Generating a SSL CSR for IIS with SAN Document Reference:

2. Using Notepad, create a file called c:\demote.txt containing the following information:

4cast Client Specification and Installation

DocAve Upgrade Guide. From Version 4.1 to 4.5

Xopero Backup Build your private cloud backup environment. Getting started

WhatsUp Gold v16.2 Installation and Configuration Guide

Migrating Mobile Security for Enterprise (TMMS) 8.0 to version 9.0

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Setup guide. TELUS AD Sync

Upgrading MySQL from 32-bit to 64-bit

Copyright

T his feature is add-on service available to Enterprise accounts.

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

Sophos Anti-Virus for NetApp Storage Systems startup guide

Getting Started with StoreGrid Cloud

Transcription:

User s guide SSL/TLS configuration on Server version 1.0

Table of Contents 1. GENERATING A REQUEST TO ISSUE A CERTIFICATE... 3 2. SENDING REQUEST TO CERTUM... 4 3. INSTALLING THE INTERMEDIATE CERTIFICATES... 6 4. INSTALLING THE CERTIFICATE... 7 5. BACKUP A CERTIFICATE AND PRIVATE KEY... 8

1. Generating a request to issue a certificate By default, mail server uses a certificate issued itself. However, it is possible to reconfigure the certificate obtained from a trusted certification authority. To configure your own certificate, you will have to generate a new request. You should open the management line of the Exchange Server (Exchange Management Shell). Type the following command: New-ExchangeCertificate -generaterequest -subjectname "o=unizeto Technologies S.A.,ou=Bajeczna,cn=win2008.certum.local" -PrivateKeyExportable $true - path c:\win2008.certum.local.csr The importance of each parameter is as follows: generaterequest means the request and a new key pair generation, subjectname here should be included names of parameters that occur in the certificate. Note: Use only ASCII characters (without national diacritics). All fields are not required. Depending on the class, purchased certificate may have different sets of attributes. In this case: o - the name of the organization, which will be placed on the certificate, in this case Unizeto Technologies SA ou - organizational unit. This could be for example "Sales" cn - common name. Key field. Includes the domain name under which you can see the mail server on the Internet. Other fields. Description of what field you put in a request can be found at MSDN: http://technet.microsoft.com/en-us/library/aa998840.aspx PrivateKeyExportable ($ true) - use generated keys as exportable. This means you can backup the private key and certificate, without additional tools. path - path to the file where you will save the request to issue a certificate. 3

2. Sending request to CERTUM Once you have generated your request, please send them to CERTUM in order to obtain a certificate. Please visit www.certum.eu and select "SSL Certificates": CERTUM offer will be presented. Please refer to our offer and select the type of certificate which will fit best your needs. 4

Click the "Buy Now" button on the desired type of certificate and log on to our portal. If you do not have an account on our site, please create one and sign up. In the next step you should complete fields related to the certificate contract. The most important is "Request a certificate". Paste here the request generated in the preceding paragraph. Please open the file with the request in a text editor (Notepad, Notepad + +) and copy the entire string from "----- BEGIN NEW CERTIFICATE REQUEST ----- "and "----- END NEW CERTIFICATE REQUEST ---- - ". Note: It is important to copy the entire string, including the above-mentioned strings. Attention! generates a request with a break before the tag ----- END NEW CERTIFICATE REQUEST -----. You have to remove the break. Then complete details for the invoice - you will need to issue an invoice. Do not forget to include your e- mail. There will be sent information relating to the handling of certificates. This can be for example a message with activation link or reminders for expiring certificate. In the next step please select a payment method, read the statement carefully and then accept them. At the end, press "Next" button. The next step is to verify the domain. This can be done in two ways. The first way is to verify the domain name and address from the e-mail. Domain Verification involves placing a special tag on the sides which are verified. Review your e-mail and then click the special link in the message. The second way is to send the verification documents. Person who carries forward the process will receives them, and then CERTUM can verify domain membership of the organization. 5

3. Installing the intermediate certificates Intermediate certificates are very important element. It must be installed on a Web Server to let the web browser verify certificate issuer. Please visit www.certum.eu top menu and select "Manage certificate" and then "certificates and keys." Please save your certificates Certum CA Level I, Level II, Level III and Level IV. Choose your server certificates for SSL / TLS. Please press the key combination [Winkey + R] type mmc.exe. This starts the editor MMC snap. On the File menu, select "Add / Remove Snap-in". In the new window you have to click on the Add button and then point to Snap "Certificates" and press "Add" button. This brings up a window similar to the following: Please select "Computer account" and click "Next". On the next screen, please indicate the local computer and click "Finish". In the left panel of the newly opened window, please expand the "Certificates intermediate offices. Please right-click on the folder "Certificates" and from the context menu, select "All Tasks" then "Import...". 6

The setup wizard will guide you through the installation of intermediate certificates. You have to indicate CA Certum Level I CA and as a warehouse for installation select "Intermediate Certification Authorities" (this should be the default choice). Previous steps must be repeated for certification authorities CA Cetum Level II, Level III and Level IV. 4. Installing The Certificate After the proper verification you will receive an e-mail with the installation ID. To activate your certificate, please go to the page specified in the message and paste the ID installation certificate. After pressing the "Activate" you will see a new page, where you can download the certificate. Please save your certificate on your hard disk by selecting "Save Binary". The next step is to install the certificate in Exchange Server 2007. Turn on the management console server and issue the command: Import-ExchangeCertificate -path path_to_file.cer -friendlyname "win2008.certum.local" Individual parameters have the following meanings: path - the directory where you stored the certificate friendlyname - name under which you will see the certificate in the certificate store Then find the fingerprint of the installed certificate. In the management console and issue the command: Get-ExchangeCertificate -DomainName "win2008.certum.local" You will see the installed certificates and their finger prints. Output should be similar to that shown in the picture: 7

You have to copy the thumbprint of the certificate issued by CERTUM. The next stage of implementation is to assign a certificate to each services of the Exchange server. You have to type the command: Enable-ExchangeCertificate -thumbprint <thumbprint> -services "IIS,POP,IMAP" After this, you should restart the server. Configuring the certificate has been completed. 5. Backup a certificate and private key In the "Run" window please enter mmc.exe. This starts the editor MMC snap. Choose the "File" menu, select "Add / Remove Snap-in". In the new window select "Certificates" and click "Add". In the next window, please select your computer: Now select "Local Computer" and please expand the "Personal" and "Certificates". Please right-click on the icon of the certificate and the context menu select "All Tasks" > "Export". This starts the Certificate Export wizard. While exporting you have to select the following options: "Yes, export the private key (Step 1) "Enable strong private key protection" (Step 2) "If it is possible to attach all certificates in the certification path (Step 3) After selecting this option, you have to provide a password to protect your private key (Step 4). The last step is to identify the location where you saved the file in PKCS12 format. It will contain a backup copy of a private key and certificate. 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information