Installation of Exchange 2016-Configure Certificate
- Click on Certificate and plus sign to create new certificate request
- Click on option Next (Needs that you have Root CA configured and installed in your domain)
- Name Certificate a by giving name (it can be any as per your choice)
- Leave with default option and then click on Next
- Click to browse, select server you wish to store the certificate and then click on OK then select Next
- In this given window it is going automatically to add names we have configured in Virtual Directories earlier. And then Click on the next option.
- In case you have multiple domains, you are going to add autodiscover.domain.com and autodiscover.domain.local for each of your domains (last part is not required in case you have configured Virtual directories to use *.com). Mail.domain.com does not require to be added if you use same url for OWA. Now, Click on Next
- Input the required fields and click on Next
- Give input of path to a share to store the certificate. I simply created a folder named Share in C:\ on my Exchange server. Now, shared the folder with path \\EX1\Share. Now Click on Finish.
- Navigate to surf on the folder where the certificate was stored, right click on the file and open it in Notepad. Then press CTRL+A and CTRL+C to select all and replicate the content
- Open IE and then enter url for requesting certificate. In my case I have setup and installed CA on my DC, hence url is http://DC/certsrv ( in case it is not present on local intranet zone, ensure to add it before entering url or request is going to fail). Select, clicking on request a certificate
- Click to select “advanced certificate request”
- Click on submitting a certificate request by using a .
- Now, Paste in the content we copied previously, select web server and then click on submit button
- Click on download certificate button and then save it on the same share we stored the certificate request previously.
- Navigate to surf back on to ECP Servers Certificate. Now Mark the pending request and click on option complete.
- Mention the path to the filename and click on OK (In my case it is \\ex1\share\Ex2016.cer)
- To select, click twice on the new Certificate services and go for SMTP and IIS then click on save. Click on button Yes for confirmation.
- Open run (Windows +R) and type inetmgr then click ok to open IIS management
- For expanding your server sites.
- Conduct right click on Default Web Site then, Edit Bindings
- To select click on https and then click on button edit, confirm that the correct certificate is selected.
- Right click on Exchange Backend and then select edit bindings.
Certificate is now going to have a authorized valid state
Mark on https and then click on Edit. Here the default certificate must be ok, however if you experience any certificate issue, then it might be change to the same as default website (Exchange 2016 certificate. When all is confirmed close the IIS manager.