Generate a CSR for Microsoft Exchange 2013

This article shows you how to generate an SSL certificate request, also called a CSR, using the Exchange Admin Center (EAC). If you received your certificate from the CA already, proceed to the « Exchange 2013 SSL Certificate Installation Instructions ».

Other versions of Microsoft Exchange

The documentation for generating an SSL certificate request for less recent versions of Microsoft Exchange can be found in the following articles:

• « How to generate a certificate request on Microsoft Exchange 2003 »
• « How to generate a certificate request on Microsoft Exchange 2007 »
• « How to generate a certificate request on Microsoft Exchange 2010 »

How do I create an SSL certificate request on Microsoft Exchange 2013?

1. Access the Exchange Admin Center by opening a browser and browsing to https://localhost/ecp, and login using DOMAIN\USER format.
   
   
   
   
2. Click on Servers in the left pane, then click Certificates at right, then the + symbol to start the New Exchange Certificate wizard.
   
   
   
   
   
3. Select Create a request for a certificate from a certification authority and click Next.
   
   
   
   
4. Choose a friendly name for the certificate. Use the domain name you're requesting the certificate for as an easy reminder.
   
   
   
   
5. If you are requesting a wildcard certificate, check the Request a wildcard certificate box and enter the root domain name. Otherwise, just go to the next screen.
   
   
   
   
6. Browse for a server to save the CSR file to.
   
   
   
   
7. Next, include the services and subdomains you want to secure by using Ctrl-Click to highlight them in the list. If you chose to request a wildcard certificate, this step will be skipped.
   
   
   
   
8. Review the domain names Exchange 2013 suggests you include in your certificate request. If you're planning to secure multiple mail domains using a SAN SSL certificate, include them in the list.
   
   
   
   
9. Enter the details of your organisation.
   
   
   
   
   • • Organization - The legal name under which your company was registered or incorporated.
     • Organizational Unit - The name of your department, or leave this field blank if you wish.
     • City/locality - Your organization's city.
     • State/province - Your organization's state or province. Do not use abbreviations!
     • Country/region - The two-digit country code of your organization's country.
       
10. Enter a network path to save the certificate request file to.
    
    
    
    
11. Next, look for the CSR you just saved with Windows Explorer, double-click it to open it, and copy the entire contents, including the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST lines, into Kinamo's SSL Certificate Application form.
12. After you receive your SSL certificate from the Certificate Authority, you can proceed with installation.