Microsoft Exchange Server 2007 Support
During the online enrollment process you will be required to provide Entrust Certificate Services with a Certificate Signing Request (CSR). This encrypted data is generated from your Exchange 2007 server and contains information about your company and Web server.
It is important to review this guideline, as Entrust Certificate Services will use this information to generate your certificate.
To generate your Key Pair and Certificate Signing Request (CSR):
To generate an Entrust Unified Communications certificate (UCC) request within the Exchange Management Shell, you will use the New-ExchangeCertificate cmdlet.
To generate a certificate request, use the GenerateRequest parameter together with the Path parameter to define where the request file will be created. The resulting file will be a PKCS #10 request (.req) file.
The following examples show some typical certificate requests.
The first example generates a certificate request for Entrust's Exchange server: mail1. The CN of the Subject Name contains the FQDN of the server:
```powershell
New-ExchangeCertificate -GenerateRequest -SubjectName "c=US, o=Entrust Inc., cn=mail.entrust.com" -privatekeyexportable $true -Path c:\certificates\mail1.entrust.req
```
The second example generates a certificate request for Entrust's Exchange server, mail1. Entrust has a Send connector on each Edge Transport server that has an FQDN of mail.entrust.com:
```powershell
New-ExchangeCertificate -GenerateRequest -SubjectName "c=US, o=Entrust Inc., cn=mail.entrust.com" -DomainName mail1.entrust.com,mailsrvr,autodiscover.local.entrust.com -privatekeyexportable $true -Path c:\certificates\mail1.entrust.req
```
In both examples above, the SubjectName must contain country (c=), organizationName (o=), and commonName (cn=) with the following caveats:
- The company listed in the organizationName (o=) must own the domain name that appears in commonName (cn=) of your Web server.
- The commonName must be identical to the fully qualified domain name of the site for which you are requesting a certificate, for example mail1.entrust.com.
Notes:
- Do not specify the protocol (http://), any port numbers or pathnames in the Common Name (CN).
- You may choose to include locality, stateOrProvince, and organizationalUnit in the SubjectName, but these fields are not required.
- Do not use the following characters in any of the fields in the Exchange Management Shell: > < ! @ # $ % ^ * ( ) ~ ? / \
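The SubjectName rules and notes above can be checked before the request is generated. The following is an added example, not part of Entrust's original instructions: `Test-CsrSubjectName` is a hypothetical helper name, the sample values are constructed, and attribute values are assumed to contain no commas.

```powershell
# Added example. Test-CsrSubjectName is a hypothetical helper, not an Exchange cmdlet.
# Assumes attribute values contain no commas (the value is split on ',').
function Test-CsrSubjectName {
    param([string]$SubjectName)

    # Break "c=US, o=Entrust Inc., cn=mail.entrust.com" into attribute/value pairs.
    $fields = @{}
    foreach ($part in $SubjectName.Split([char[]]',')) {
        $pair = $part.Trim().Split([char[]]'=', 2)
        if ($pair.Length -ne 2) { "Malformed component: '$($part.Trim())'"; continue }
        $fields[$pair[0].Trim().ToLower()] = $pair[1].Trim()
    }

    # country, organizationName and commonName are mandatory.
    foreach ($name in 'c', 'o', 'cn') {
        if (-not $fields.ContainsKey($name)) { "Missing required attribute: $name=" }
    }

    # The CN is a bare FQDN: no protocol, port number or path.
    if ($fields.ContainsKey('cn')) {
        $cn = $fields['cn']
        if ($cn -match '^[a-z][a-z0-9+.-]*://') { "CN includes a protocol: $cn" }
        elseif ($cn -match '/')                  { "CN includes a path: $cn" }
        if ($cn -match ':\d+')                   { "CN includes a port number: $cn" }
    }

    # Characters the notes say not to use in any field. The final '.' in that
    # note is read here as sentence punctuation, since FQDNs need dots.
    $forbidden = '[><!@#$%^*()~?/\\]'
    foreach ($name in $fields.Keys) {
        if ($fields[$name] -match $forbidden) {
            "Forbidden character in $name= value: $($fields[$name])"
        }
    }
}

# Constructed sample values: the first is the SubjectName used in the examples above.
$samples = "c=US, o=Entrust Inc., cn=mail.entrust.com",
           "o=Entrust Inc., cn=https://mail.entrust.com:443/owa"
foreach ($s in $samples) {
    $problems = @(Test-CsrSubjectName $s)   # no output from the function means no problems
    if ($problems.Count -eq 0) { "OK: $s" }
    else { "REJECT: $s"; $problems | ForEach-Object { "  - $_" } }
}
```

A value that passes can then be supplied to the -SubjectName parameter of New-ExchangeCertificate as shown in the examples above.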
Parameters Defined:
New-ExchangeCertificate — Creates a new self-signed certificate or a new certificate request for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) services.
-GenerateRequest — Specifies the type of certificate object to create.
-SubjectName — Specifies the Subject Name on the resulting certificate.
-privatekeyexportable $true — Allows the private key to be backed up. Works on production software only.
-Path — Specifies the path of the resulting PKCS #10 request file.
-IncludeAcceptedDomains — Includes all the defined accepted domains in the domain names field.