Exchange Server 2016Microsoft

How To Install SSL Certificate In Exchange 2016

Check How Can You Install SSL Certificate On Exchange Server

How To Install SSL Certificate In Exchange Server 2016

To install the SSL certificate in exchange 2016,

You have to plan a few things before you proceed with your SSL certificate installation.

 

Why you need third-party SSL certificate

As you know exchange server uses multiple protocols to communicate with clients, applications, and servers over the network.

These protocols are https, IMAP, POP, and SMTP.

When a client tries to authenticate the exchange server, these credentials are sent over the network and can be intercepted.

Third-party SSL is used to secure and encrypt these connections & credentials

To make the network traffic secure between server and client these SSL certificates are necessary.

Though the exchange server has its own self-sign certificate, it is not trusted by the outside clients.

If you want to use it only for the internal purpose and don’t want to buy a third-party SSL certificate.

You can use it. However, an internal certificate does not trust by external computers.

So, you must use a trusted CA certificate

 

How to choose SSL Certificate for Exchange Server 2016

First choose the trusted brand that provides the SSL certificate like comodo, DigiCert, etc.

Make sure about namespace included in the SSL certificate.

For how long you are buying it, like for 1 yr, 2 or more.

Furthermore, confirm the validation date of the issued certificate.

 

Namespace included in SSL certificate

There are two scenarios where you can consider what namespace should you include in your exchange SSL certificate.

If you have a single site and simple exchange server environment and want to cross down the cost of SSL.

You can choose three main names for your SSL.

for example, our domain is techijack.com

we have configured our internal and external URL as follows

 

  • Ecp: External & Internal URL: https://mail.techijack.in/ecp
  • Ews: External & Internal URL https://mail.techijack.in/EWS/Exchange.asmx
  • Mapi: External & Internal URL: https://mail.techijack.in/mapi
  • Microsoft Active Sync: External & Internal URL: https://mail.techijack.in/Microsoft-Server-ActiveSync
  • OAB: External & Internal URL: https://mail.techijack.in/OAB
  • OWA: External & Internal URL: https://mail.techijack.in
  • Autodiscover : https://autodiscover.techijack.com/autodiscover/autodiscover.xml

Note: You have to set the autodiscover url from exchange management shell, it cannot be set from exchange admin center.

Now we need three names in our SSL certificate.

These names are Mail.techijack.com, autodiscover.techijack.comand techijack.com

Moreover, POP, IMAP & SMTP services can be assigned a different namespace.

However, if you decide a separate namespace for IMAP, SMTP, and POP

Therefore, you have to include these names as well as in your certificates.

For example: imap.techijack.com, smtp.techijack.com, & pop.techijack.com

It may increase the cost of an exchange SSL certificate but there are organizations.

Therefore, they plan there namespace like this.

 

Installation Of SSL Certificate in Exchange Server.

In the first place, you need to create a CSR file from your exchange server.

Submit the CSR file to the SSL service provider.

Get the certificate

Complete the request.

As a result check, a certificate is valid or not.

Below video explains how you can install SSL on exchange server 2016

In case of any problem, leave a comment or feel free to contact techijack.com

 

Show More

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button

Adblock Detected

Please dissable adblock, to view the content of website.