I want to create certificate for a new domain on the existing Exchange CAS server. How do I add multiple names to it e.g. Common Name / SAN? let say the domain is abc.com so i need to create mail.abc.com autodiscover.abc.com etc

I use comodo for my UCC/SAN certificates. They have a nice page on how to do it at the EMS level https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1143 New-ExchangeCertificate -GenerateRequest -SubjectName "C=GB, O=Comodo, CN=mail.abc.com" -KeySize 2048 -DomainName autodiscover.abc.com, webmail.abc.com, exch1, exch2 -Path c:\abc.com.req -PrivateKeyExportable $true

New-ExchangeCertificate -DomainName abc.com, autodiscover.abc.com, mail.abc.com -FriendlyName "Exchange SAN Certificate" -GenerateRequest:$True -Keysize 1024 -path c:\Exchange.txt -privatekeyExportable:$true -subjectName "c=com, o=users, CN=abc.com" you should submit this request to your inetrnal CA or any third party vendor for e.g. verisign etc they will provide you the certificate, after that you should export the certificate to exchange server and enable services on it. Import-ExchangeCertificate –Path c:\certname.p7b | Enable-ExchangeCertificate –Services IIS, POP, IMAP for more read the folloing article: http://technet.microsoft.com/en-us/library/aa998327(EXCHG.80).aspxBest Rgds, Ashish | Unified Comunication | MCTS | MCITP | Please remember to select option "Propose As Answer" if solution work for you | My posts hold no assurances, no promises, and they measured no rights.

I made some mistake, so how do I delete that certificate which i just created?

create new certificate and enable services(IIS, SMTP, POP) for new certificate. after then you should remove old certificate. Remove-exchangeCertificate -thumbprint <thumbprint of cert>Best Rgds, Ashish | Unified Comunication | MCTS | MCITP | Please remember to select option "Propose As Answer" if solution work for you | My posts hold no assurances, no promises, and they measured no rights.

Use the DigiCert's Exchange 2007 CSR Tool to generate Powershell query, then copy paste in EMS. https://www.digicert.com/easy-csr/exchange2007.htm - Karthik

Hi, Take a look at this topic might helpful to you: http://msexchangeteam.com/archive/2007/07/02/445698.aspx

Hi, Take a look at this topic might helpful to you: http://msexchangeteam.com/archive/2007/07/02/445698.aspx