SSL Certificates SSL Certificates

Installing an SSL Certificate in Microsoft Exchange Server 2007

After your certificate request is approved, you can download your SSL and intermediate certificate from within the SSL application. For more information see Downloading Your SSL Certificate. Both of these files must be installed on your Web server.

Exchange Server 2007 requires a Multiple Domain (UCC) Certificate to run all services securely.

To Install Intermediate Certificate Bundles

  • 1. Type mmc in the Start search box after pressing the Start menu to start the Microsoft Management Console (MMC).
  • 2. In the Management Console, select File then Add/Remove Snap In.
  • 3. In the Add or Remove Snap-ins dialog, click the Add button and then select Certificates.
  • 4. Choose Computer Account then click Next.
  • 5. Choose Local Computer, then click Finish.
  • 6. Close the Add or Remove Snap-ins dialog and click OK to return to the main MMC window.
  • 7. If necessary, click the + icon to expand the Certificates folder so that the Intermediate Certification Authorities folder is visible.
  • 8. Right-click on Intermediate Certification Authorities and choose All Tasks, then click Import.
  • 9. Follow the wizard prompts to complete the installation procedure.
  • 10. Click Browse to locate the certificate file. Change the file extension filter in the bottom right corner to be able to select the file. Click Open after selecting the appropriate file.
  • 11. Click Next in the Certificate Import Wizard.
  • 12. Choose Place all certificates in the following store; then use the Browse function to locate Intermediate Certification Authorities. Click Next. Click Finish.

NOTE: If the Starfield Class 2 Certification Authority root certificate is currently installed on your machine you will need to disable it from the Trusted Root Certification Authorities folder.

  • 13. Expand the Trusted Root Certification Authorities folder
  • 14. Double-click the Certificates folder to show a list of all certificates.
  • 15. Find the Starfield Class 2 Certification Authority certificate.
  • 16. Right-click on the certificate and select Properties.
  • 17. Select the radio button next to Disable all purposes for this certificate.
  • 18. Click OK.

NOTE: Do not disable the Starfield Secure Certification Authority certificate located in the Intermediate Certification Authorities folder. Doing so will break the server, causing it to stop sending the correct certificate chain to the browser.

To Install the UCC Certificates

After you have installed our intermediate certificates, you will need to install your issued certificate on your server. To do this you will use the Import-ExchangeCertificate cmdlet as follows :

Import-ExchangeCertificate -Path "c:\CertificateFile.crt"

where :

-Path = The complete path and filename of the UCC certificate signed by Starfield.

Make sure to copy the thumbprint of the certificate as you will need it in an upcoming step.

NOTE: Do not use the MMC (Microsoft Management Console) certificate snap-in functionality to import certificates for Exchange Server 2007 or Live Communications Server.

Now, you must enable the UCC certificate, which lets you specify which services you can use.

For Example :

Enable-ExchangeCertificate -Thumbprint [thumbprint] -Services "SMTP, IIS"


1. -Thumbprint [thumbprint] = The unique string representing the installed certificate (copied in the previous step)

2. -Services "SMTP, IIS" = this certificate will be enabled for SMTP and IIS services.

NOTE: Valid service identifiers are SMTP, POP, IMAP, UM, and IIS.

For additional information click on the following link : Importing and Enabling Certificates

Installing an SSL Certificate in Microsoft Exchange Server 2007 Installing an SSL Certificate in Microsoft Exchange Server 2007

Send a message

© ASTEHOST 2006 - 2021