Home > Others

Exchange 2013 (i) Configuring certificates

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Exchange2013 ( i ) Configuring Certificates

Exchange Server Configuration certificate and The process is not the same, the following configuration certificate of the process to write. A DC in this test environment , a exchange2013all in one server. the DC acts as a Certificate server.

The process is divided into the following steps

    • Deploying a Certificate Server

    • Create a certificate Request file

    • Request a Certificate

    • Assigning services

First, deploy the certificate Server

The following installs the Certificate Server into In the DC , some procedures in the deployment do not have a legend, many for the settings remain the default

1.1 Add "Roles" and select "activedirectory Certificate Services"

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/7B/12/wKiom1bGgXygUhHmAAJBtdNgTb8909.jpg "title=" 1.jpg " Width= "730" height= "518" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:518px;" alt= " Wkiom1bggxyguhhmaajbtdngtb8909.jpg "/>

1.2 Because the administrator login is used, the maximum permissions. Users are created individually and given permissions in the production environment, and do not operate directly with the administrator.

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/7B/12/wKiom1bGgaCjpiD3AAHX4SNOjJ4101.jpg "title=" 2.jpg " Width= "730" height= "518" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:518px;" alt= " Wkiom1bggacjpid3aahx4snojj4101.jpg "/>

1.3 Select Configure ActiveDirectory Certificate Server on the destination server

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/7B/12/wKiom1bGgbGSSRRhAAJCQfk2gP8010.jpg "title=" 3.jpg " Width= "730" height= "518" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:518px;" alt= " Wkiom1bggbgssrrhaajcqfk2gp8010.jpg "/>

1.4 logged in with an administrator user, leave the default option, and the domain administrator will not be used to log in in the production environment

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/12/wKioL1bGgpHRFNPUAAHBuaNZHZE979.jpg "title=" 4.jpg " Width= "730" height= "529" border= "0" hspace= "0" vspace= "0" style= "WIDTH:730PX;HEIGHT:529PX;" alt= " Wkiol1bggphrfnpuaahbuanzhze979.jpg "/>

1.5 is checked as this Certificate Server will serve the WEB server

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M01/7B/13/wKiom1bGgqywM93KAAFxzRkVEGk401.jpg "title=" 5.jpg " Width= "730" height= "529" border= "0" hspace= "0" vspace= "0" style= "WIDTH:730PX;HEIGHT:529PX;" alt= " Wkiom1bggqywm93kaafxzrkvegk401.jpg "/>

1.6 Enterprise CA remains default, Enterprise CA Domain-joined computers automatically install the certificate

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M02/7B/12/wKioL1bGgymQPmm7AAHhJyCnEts988.jpg "title=" 6.jpg " Width= "730" height= "533" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:533px;" alt= " Wkiol1bggymqpmm7aahhjycnets988.jpg "/>

1.7 Root CA remains the default, simply enable the certificate feature in the Environment Select this option

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/7B/13/wKiom1bGgunwlIu_AAIEs63ZnoA998.jpg "title=" 7.jpg " Width= "730" height= "529" border= "0" hspace= "0" vspace= "0" style= "WIDTH:730PX;HEIGHT:529PX;" alt= "wkiom1bggunwliu_ Aaies63znoa998.jpg "/>

1.8 Creating a new private key remains the default

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M01/7B/13/wKiom1bGg9uzLlyzAAIsdPwf8wA035.jpg "title=" 8.jpg " Width= "730" height= "533" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:533px;" alt= " Wkiom1bgg9uzllyzaaisdpwf8wa035.jpg "/>

1.9 Encryption algorithm remains the default

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M01/7B/13/wKiom1bGg-_Td0BrAAGlGLYaYRY359.jpg "title=" 9.jpg " Width= "730" height= "533" border= "0" hspace= "0" vspace= "0" style= "width:730px;height:533px;" alt= "wkiom1bgg-_ Td0braaglglyayry359.jpg "/>

1.10 CA name free fill

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/7B/13/wKiom1bGhBOA6BaeAAIN4SDq8Cs195.jpg "title=" 10.jpg "Width=" 730 "height=" 533 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:533px; "alt=" Wkiom1bghboa6baeaain4sdq8cs195.jpg "/>

1.11 validity remains the default, Microsoft's product cycle is typically 5 years

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/7B/13/wKioL1bGhI7CIQV2AAFlUYuQo3U115.jpg "title=" 11.jpg "Width=" 730 "height=" 533 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:533px; "alt=" Wkiol1bghi7ciqv2aafluyuqo3u115.jpg "/>

1.12 Configuration succeeded

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/7B/13/wKiom1bGhDvT-fMFAAFVo7lYu1c728.jpg "title=" 12.jpg "Width=" 730 "height=" 533 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:533px; "alt=" Wkiom1bghdvt-fmfaafvo7lyu1c728.jpg "/>

II. Create a certificate request file

2.1 Open a certification authority

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/7B/13/wKioL1bGhMvAcBf2AAGN4ngdPI4625.jpg "title=" 13.jpg "Width=" 730 "height=" 533 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:533px; "alt=" Wkiol1bghmvacbf2aagn4ngdpi4625.jpg "/>2.2 as shown in the settings

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/13/wKiom1bGhHnTCsR3AAJQuTVIVCg929.jpg "title=" 14.jpg "Width=" 730 "height=" 338 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:338px; "alt=" Wkiom1bghhntcsr3aajqutvivcg929.jpg "/>

2.3 Set a public folder on the CAS server to set permissions that are used to store the files generated when the following Operation

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/7B/13/wKiom1bGhJXyEuifAAKYhOPt9Xg502.jpg "title=" 15.jpg "Width=" 730 "height=" 408 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:408px; "alt=" Wkiom1bghjxyeuifaakyhopt9xg502.jpg "/>

2.4 Open the Exchange server control Center, as you can see

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/7B/13/wKiom1bGhKixY2riAAMQ5rmvPKg098.jpg "title=" 16.jpg "Width=" 730 "height=" 518 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:518px; "alt=" Wkiom1bghkixy2riaamq5rmvpkg098.jpg "/>

2.5 Create a new Exchange certificate such as

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M00/7B/13/wKiom1bGhMTi-umSAAJNC66SrLg912.jpg "title=" 17.jpg "Width=" 730 "height=" 453 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:453px; "alt=" Wkiom1bghmti-umsaajnc66srlg912.jpg "/>

2.6 Fill in the name of the certificate, no need for easy memory

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M02/7B/13/wKioL1bGhUnizo2WAAEz82pCGT0968.jpg "title=" 18.jpg "alt=" Wkiol1bghunizo2waaez82pcgt0968.jpg "/>

2.7 does not enable a wildcard certificate, such as

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/7B/13/wKioL1bGhVyRtfdsAAFho3bRfp0129.jpg "title=" 19.jpg "alt=" Wkiol1bghvyrtfdsaafho3brfp0129.jpg "/>

2.8 as set

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M01/7B/13/wKioL1bGhWqApcLjAAFkOAqU-uU373.jpg "title=" 20.jpg "alt=" Wkiol1bghwqapcljaafkoaqu-uu373.jpg "/>

2.9 If you fill in the mail domain of the public network , the default is < unspecified >

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/7B/13/wKioL1bGhXzDMGQEAAHAiY1V4Mc987.jpg "title=" 21.jpg "alt=" Wkiol1bghxzdmgqeaahaiy1v4mc987.jpg "/>

2.10 such as Mail,AutoDiscover and other domain names are displayed in the list

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M00/7B/13/wKioL1bGhY_yuR0QAAFZi1rAIZU389.jpg "title=" 22.jpg "alt=" Wkiol1bghy_yur0qaafzi1raizu389.jpg "/>

2.11 Fill in the certificate information, no requirements for easy memory

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/13/wKioL1bGhaGjn4LsAAGD9eYrj-c628.jpg "title=" 23.jpg "alt=" Wkiol1bghagjn4lsaagd9eyrj-c628.jpg "/>

2.12 Save The req file, this path is the public shared folder created on the previous CAS , where you want to fill in the Fqdn

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M02/7B/13/wKiom1bGhU_DToSFAAG0ByJZTHU029.jpg "title=" 24.jpg "alt=" Wkiom1bghu_dtosfaag0byjzthu029.jpg "/>

2.13 saved to the public folder in CAS

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/7B/13/wKioL1bGh5KCfL3PAADj3PDlNtM169.jpg "title=" 25.jpg "alt=" Wkiol1bgh5kcfl3paadj3pdlntm169.jpg "/>

III. Certificate of Application

3.1 in DC 's browser input http://localhost/certsrv, click the "Request a certificate" hyperlink

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/7B/13/wKiom1bGh4rha8PfAAKXeGhS7yw586.jpg "title=" 26.jpg "Width=" 730 "height=" "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:300px; "alt=" Wkiom1bgh4rha8pfaakxeghs7yw586.jpg "/>

3.2 Click the Advanced certificate Request Hyperlink

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/7B/13/wKiom1bGiTSTw2YfAAFb-ySt-4Q251.jpg "title=" 27.jpg "Width=" 730 "height=" 207 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:207PX; "alt=" Wkiom1bgitstw2yfaafb-yst-4q251.jpg "/>

3.3 Click the use base64hyperlink

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/7B/13/wKiom1bGiUmgnknmAAHsnVw4WGw635.jpg "title=" 28.jpg "Width=" 730 "height=" 209 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:209PX; "alt=" Wkiom1bgiumgnknmaahsnvw4wgw635.jpg "/>

3.4 Use Notepad to open the request.req certificate request file that you just exported to CAS . Copy all the contents of the selection

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M01/7B/13/wKioL1bGic6RIZQdAAYWrD9dXGs101.jpg "title=" 29.jpg "Width=" 730 "height=" 575 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:575px; "alt=" Wkiol1bgic6rizqdaaywrd9dxgs101.jpg "/>

3.5 paste into the Saved requests text box, certificate templates SelectWeb server, click Submit

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/13/wKioL1bGieazKxNCAAMLLv3RPpI370.jpg "title=" 30.jpg "Width=" 730 "height=" 477 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:477PX; "alt=" Wkiol1bgieazkxncaamllv3rppi370.jpg "/>

3.6 Click "Download Certificate" hyperlink, click "Save" to save certnew.cer certificate file to CAS

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/7B/13/wKioL1bGif7DrG4ZAANMmUV4oIM718.jpg "title=" 31.jpg "Width=" 730 "height=" 575 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:575px; "alt=" Wkiol1bgif7drg4zaanmmuv4oim718.jpg "/>

Iv. Allocation of services

4.1 completing a shelve request

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M00/7B/13/wKiom1bGibvxptIcAAILMs0Zd9A498.jpg "title=" 32.jpg "Width=" 730 "height=" 537 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:537PX; "alt=" Wkiom1bgibvxpticaailms0zd9a498.jpg "/> 4.2 Enter the path to the Certnew.cer certificate file you just exported

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/7B/13/wKioL1bGij2iCvb2AAFfO1zy3qc969.jpg "title=" 33.jpg "alt=" Wkiol1bgij2icvb2aaffo1zy3qc969.jpg "/>

4.3 completing a shelve request

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/7B/13/wKioL1bGimyB1FaIAAIZn-t4PzA115.jpg "title=" 34.jpg "Width=" 730 "height=" 541 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:541px; "alt=" Wkiol1bgimyb1faiaaizn-t4pza115.jpg "/>

4.4 for the Certificate Assignment service, double-click mail.satid.cn, select the "Services" option, such as Tick

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M02/7B/14/wKiom1bGiirCaCOtAAFLbC_NVk8148.jpg "title=" 35.jpg "Width=" 730 "height=" 629 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:629PX; "alt=" Wkiom1bgiircacotaaflbc_nvk8148.jpg "/>

4.5 Confirm Overwrite

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/13/wKioL1bGiqeji44AAAG-tpYkdvg772.jpg "title=" 36.jpg "Width=" 730 "height=" 629 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" WIDTH:730PX;HEIGHT:629PX; "alt=" Wkiol1bgiqeji44aaag-tpykdvg772.jpg "/>4.6 Assignment Service Acknowledgement

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/7B/14/wKiom1bGiumS5OtMAAExP7PRBPA253.jpg "title=" 37.jpg "Width=" 730 "height=" 462 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:462px; "alt=" Wkiom1bgiums5otmaaexp7prbpa253.jpg "/>

4.7 Deleting a self-signed certificate

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/7B/14/wKiom1bGixGhE45AAAEhlmdg3H8950.jpg "title=" 38.jpg "alt=" wkiom1bgixghe45aaaehlmdg3h8950.jpg "/>

4.12OWA and Outlook2013 testing

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7B/14/wKiom1bGizCA0RRLAAJKEVZ_CUw199.jpg "title=" 39.jpg "Width=" 730 "height=" 518 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:518px; "alt=" Wkiom1bgizca0rrlaajkevz_cuw199.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/7B/14/wKioL1bGkNGCtqUTAAKb4s-Ct_M171.jpg "title=" 40.jpg "Width=" 730 "height=" 518 "border=" 0 "hspace=" 0 "vspace=" 0 "style=" width:730px;height:518px; "alt=" Wkiol1bgkngctqutaakb4s-ct_m171.jpg "/>


This article is from the "Zhao Dongwei Learning record" blog, so be sure to keep this source http://zhaodongwei.blog.51cto.com/4233742/1743303

Exchange 2013 (i) Configuring certificates

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
exchange troubleshooting assistant 2013 connect mailbox exchange 2013 get mailboxstatistics exchange 2013 exchange 2013 anti spam gui increase mailbox size exchange 2013 f5 load balancer exchange 2013 exchange 2013 show mailbox size

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More