You have to create the request through IIS manager or certificates manager from your CAS servers. Also complete the response through the same.https://technet.microsoft.com/en-gb/library/cc732906(v=ws.10).aspx
You can add additional names to the certificate when you reach the point of putting the CSR in to the SSL provider's web site. It depends on the provider though.

how do I create a CSR? Sorry  am very green to this.... 

how do I create a CSR? Sorry  am very green to this.... 

Please use this to generate CSR command.
http://gallery.technet.microsoft.com/Exchange-20072010-and-2013-17a0b52f

Please use this to generate CSR command.
http://gallery.technet.microsoft.com/Exchange-20072010-and-2013-17a0b52f

Sorry I have a Go Daddy cert I need to re-key. Not via IIS. Any idea how to do this?

Sorry I have a Go Daddy cert I need to re-key. Not via IIS. Any idea how to do this?

Create the CSR and then tell GoDaddy you want the certificate as a SHA2. I just did this the other day and it worked without issue.

Create the CSR and then tell GoDaddy you want the certificate as a SHA2. I just did this the other day and it worked without issue.

Hi,

I currently have a a Exchange Certificate that is Sha1RSA. I need to re-key it to Sha2. Does anyone have instructions on how to do that? Anything I should be aware of?

I have 2 CAS servers with the cert and 2 dag servers. Exchange 2010 std.

FYI SHA256 will be the default "Signature hash algorithm" in almost all CAs. And SHA2 is short form of SHA256.
SHA2 is default for all CAs. Anyway you can check with GoDaddy if you wish to.

FYI SHA256 will be the default "Signature hash algorithm" in almost all CAs. And SHA2 is short form of SHA256.
SHA2 is default for all CAs. Anyway you can check with GoDaddy if you wish to.

I am not sure how to use that CRS command? I am green to this..... Do you think this would work?

https://www.godaddy.com/help/generating-a-certificate-signing-request-csr-exchange-server-2010-6086

Hi Chaser,

You will get a command similar to the below when you generate command  using the tool

Set-Content -path "C:\mail-domain-com.txt" -Value (New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "c=US, s=teststate, l=testcity, o=Someone, cn=mail.domain.com" -DomainName autodiscover.domain.com -PrivateKeyExportable $True)

Replace domain.com with your domain name.
Run this command in Exchange Management Shell and you will get a text file in C drive named "mail-domain-com"

Open the file, copy the content and paste in to the Godaddy control panel when rekeying as per this URL

Request Godaddy to generate certificate as SHA2. That's it

awesome thanks! :) seems easy enough

Does the cmd need to be ran on the Exchange server or local pc ok?

Do you know if this will affect OWA smartphones or outlook email?

You should run this on exchange management shell.  It will not effect mobile/owa clients