How to Create Certificates Using Exchange 2003

How to Create Certificates Using Exchange 2003 or accessing the contents of that website. In this guide we will help you in creating such certificates for your domain running exchange services and will allow you to access the mails through Outlook Web Access. For creating a certificate you would need a tool called SelfSSL and this comes as a bundled tool along with the IIS6 Resource Kit. If you do not have this kit then you first need to download it and install it on your exchange server. Once you download the kit start the installation and continue by inputting positive responses like I Accept, Continue etc. During the installation please select the custom mode so that you can select which tool to install and which not. During the installation it will give you option to select the tools which you want to install. Select the SelfSSL tool and you can leave the others unchecked. Complete the installation by clicking Next several times and finally by clicking Finish. When the installation gets over press the Start button and go to All Programs. In All Programs you will find a folder named IIS resource Kit. Open it and then open the SelfSSL tool. This tool on opening will present you a command line interface and this is the place from where we will create the certificate. Let us see how.

In the command line of SelfSSL tool type “SelfSSL /N:CN=owa.domainname.com /T /V:365” (enter everything without the quotes and make sure you replace domainname with the domain you are using). After typing this command press enter. When asked for confirmation, please press the letter ‘Y’ on the keyboard. The tool will create the certificate and will close itself but this certificate can still not be used until it gets deployed by the exchange server. Now on the Exchange sever click on the Start Menu and then click on Internet Services Manager. Once you have this window open please right click on the exchange server and click on its properties. When the Exchange server properties window comes up click the tab called Directory Security. In this tab click on the edit button and there you will find a check box titled Require Secure Channel (SSL)”. Put a check mark in this box and then click on OK to close the edit window. Press OK in the directory Security tab window as well to close it. As far as the creation and deployment of the certificate is concerned you have done the required. Next thing is the installation of this certificate by the users to login to the Outlook Web Access.

When any user will try to open the Outlook Web Access page for your Exchange then he will get a certificate message telling that certificate installation is required. The user needs to accept the certificate so that it gets downloaded and installed. This message will appear only once and if you download the certificate it will not prompt you again for the same web site. After the installation of this certificate users would be able to login to their Outlook Web Access account.

Leave a Reply

Your email address will not be published. Required fields are marked *