1. Home
  2. Knowledge Base
  3. SSL Certificate Guides
  4. Generate CSR
  5. Microsoft Exchange
  6. How to Generate a CSR for a Microsoft Exchange 2013 or 2016 Web Server

How to Generate a CSR for a Microsoft Exchange 2013 or 2016 Web Server

Follow these instructions to generate a CSR for your Exchange server. When you have completed this process, you will have a CSR ready to submit to TRUSTZONE in order to be generated into an SSL certificate.

1. Access the EAC by opening a browser and browsing to the URL of your server (e.g., https://localhost/ecp)

2. On the Exchange Admin Center credentials page, type your Domain/user name and Password and then click sign in

3. In the EAC, in the sidebar menu on the left, click Servers and then in the menu at the top of the page, click Certificates

4. On the Certificates page, in the Select server drop-down list, select your Exchange 2016 server and then click the + symbol

5. In the new Exchange certificate wizard, select Create a request for a certificate from a certification authority and then click Next

6. In the Friendly name for this certificate: box, type a friendly name for the certificate, and then click Next. The friendly name isn’t part of the certificate; instead, it’s used to identify the certificate. We recommend that you add TRUSTZONE and the expiration date to the end of your friendly name, for example: yoursite-TRUSTZONE-expirationDate. This information helps identify the issuer and expiration date for each certificate. It also helps distinguish multiple certificates with the same domain name

7. Wildcard certificate

Note: If you are not creating a CSR for a wildcard certificate, click Next.

To create a CSR for a wildcard certificate, do the following:

• Check Request a wild-card certificate
• In the Root domain: box, type the root domain for all the subdomains (e.g., *.example.com)
• Click Next

8. In the *Store certificate request on this server box, click Browse…, select the server you want to store the certificate request on, and then click Next

9. Select domain(s) to include on the SSL certificate

Note: If you are creating a CSR for a wildcard certificate, skip this step by clicking Next and Next. Proceed to step 10

To select the domain(s) that you want to be included on your SSL certificate, do the following:

• Click Next. The wizard populates the list with domains that Exchange 2016 suggest you include in your certificate request. Although you can edit the list of domains on this page of the wizard, we recommend doing it on the next page
• On the next page, review the list of names/domains and use the +, ?, -, and ? symbols to add, edit, remove and select the domains you want to be included on your SSL certificate
• When you are finished, click Next

10. Under Specify information about your organization, provide the following information, and then click Next:

• Organization name: Type your company’s legally registered name (e.g., TRUSTZONE A/S)

• Department name: Type the name of your department within the organization. Frequently this entry will be listed as “IT” or “Web Security”

• City/Locality: Type the city/locality where your company is legally located

• State/Province: Type the state/province where your company is legally located

• Country/Region name: In the drop-down list, select the country/region where your company is legally located

11. Under Save the certificate request to the following file, enter a UNC path to save your CSR to

Note: Select a location that you can access. You must be able to access the location so that you can use the CSR to order your SSL certificate

12. Click Finish to generate the CSR and save it to the specified UNC path. 13. Use a text editor (such as Notepad) to open the file. Then copy the entire text and paste it into the CSR form when you order the certificate.


Get in touch with us for a non-binding quote

We will contact you as soon as possible.

* Please use a work email address to register

Was this article helpful?