exchange 2007 certificate from internal CA
We installed CA on a windows 2008 member server. I would like to generate a certificate for our exchange 2007 server - we are installing OCS and it requires exchange to have a cert from a CA.[we will get one from an external CA at a later date] First, I generated the cert request from exchange. When I go to the https://localhost/certsrvon the CA server and go to "request certificate / advanced certificate request / Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file" I need to choose a certificate base template - and I would imagine this template needs to be a web server template. I see how to create a template by right clicking on "web server" templatein the CA template snapin, and choose duplicate template / windows 2003 server - but am not sure how to configure this template.I would liketo know if I am on the right track, and how to configure the template for exchange- thanks...
August 28th, 2009 5:18pm
Have you seen this article?Create Certificate for Exchange 2007 Servers using Windows CAhttp://blogs.microsoft.co.il/blogs/roneng/archive/2008/03/20/create-certificate-for-exchange-2007-servers-using-windows-ca.aspxSF - MCITP:EMA, MCTS: MOSS 2007, OCS 2007, Exchange 2007
Free Windows Admin Tool Kit Click here and download it now
August 28th, 2009 7:02pm
Didn't see that doc - but thats exactly what I was attenpting to do. So, the real issue I have is when I run the certsrv request - I don't have an option for web server under certificate template - and get an error. So I must have to create a web server template - which I am not sure how to configure, or enable the default one? thanks...
August 28th, 2009 8:12pm
how are you requesting the cert? web? there should be a drop down or a radio dial to specify what type of cert, web cert. Are you getting an error message as a result or is it just a matter of not seeing the correct page.Are you certain you started out with the correct select of reqeusting a cert to a root ca? Is this a root CA and is it a domain member?SF - MCITP:EMA, MCTS: MOSS 2007, OCS 2007, Exchange 2007
Free Windows Admin Tool Kit Click here and download it now
August 28th, 2009 11:51pm
Scott - thanks for the reply. I had gone back and played with this. I was actually initiating the request from the CA server itself, and had a copy of the cert request on that server.When I went back and initiated the request from the exchange server - I did get the web cert choice - just a mistake on my part - never had to deal with PKI before.It must only give options for the user ? when I ran it locally on the CA machineSeems like everything worked - thanks again.
August 29th, 2009 12:18am