Exchange 2010 RC Certificate ( Generate, Import & Enable )
| Published date | Wed, 2009-09-02 08:52 |
| Category | |
| Author | Wan Ziyang, Triston |
| Printable Version | Email this Article | |
|
|
|
| Post to del.icio.us | Furl it | Spurl it | |
|
|
|
In this article, I am going to touch on the certificate part. I realize there are quite a lot of changes for Exchange Certification in terms of generate requests and import from Exchange Cmdlet point of view.
Here is the comparison between the same command on both Exchange 2007 and Exchange 2010 RC.
Exchange 2007
Generate request
New-ExchangeCertificate -GenerateRequest -Path c:\yourdomain.req -KeySize 2048 -SubjectName "c=SG, s=SG, l=SG, o=My Pte Ltd, ou=Exchange, cn=yourdomain.com" -DomainName yourdomain.com, autodiscover.yourdomain.com, mail.yourdomain.com, cas001.yourdomain.com.local, cas001, cas002.yourdomain.com.local, cas002 -PrivateKeyExportable $True
Import Certficate and Enable services
Import-ExchangeCertificate -Path C:\yourdomain.cer | Enable-ExchangeCertificate -Services "IIS,POP,IMAP"
For .pfx format
Import-ExchangeCertificate -Path c:\exported_cert.pfx -Password:(Get-Credential).password
Exchange 2010
Generate request
New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "c=SG, s=SG, l=SG, o=My Pte Ltd, ou=Exchange, cn=yourdomain.com" -DomainName yourdomain.com, cas01, cas01.yourdomain.com.local, cas02, emstapch02.yourdomain.com.local, mail.yourdomain.com, autodiscover.yourdomain.com -PrivateKeyExportable $True
Notice the missing parameter of "Path"?
This is how Exchange 2010 do if you need to generate physical file on your CAS server
$Data=New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "c=SG, s=SG, l=SG, o=My Pte Ltd, ou=Exchange, cn=yourdomain.com" -DomainName yourdomain.com, cas01, cas01.yourdomain.com.local, cas02, emstapch02.yourdomain.com.local, mail.yourdomain.com, autodiscover.yourdomain.com -PrivateKeyExportable $True
Set-Content -path "C:\req.req" -Value $Data
Import Certficate and Enable services
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\portal.cer -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services "IIS,POP,IMAP"
For .pfx format
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\certificates\ExportedCert.pfx -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password| Enable-ExchangeCertificate -Services "IIS,POP,IMAP"
You may notice the drastic changes on the import portion. The import command required additional input such as file encoding format.
Well, the "get-help" command is very useful with "-example" appended behind.
Have fun with Exchange 2010!!
Discuss/Post to digWin
About Wan Ziyang(Triston)
Wan Ziyang (Triston) is Sr.Consultant with a System Integrator based in Singapore. He is MCSE since year 2005 and MVP in Exchange Server. Triston leads Singapore MessagingTalk User Group activities where folks interested in Microsoft Messaging Technologies gather for learning and networking. He has done several implementation on various versions of Exchange Servers. He is also Redhat Certified Engineer on EL4.
Recent Articles by the author
Featured Links
-
VirtualServerTalk.com: Fresh look at virtualization community.
Get all tips, guides, reviews you need to know today. -
WorkStationTalk.com: Gateway to Imaging & Maintenance of your WorkStation.
