SSL Certs, SSL Certificate, SSL CertificatesSSL Certificates

Securing Your Online Business

Microsoft Exchange Server 2007 Support

Installing your Entrust Unified Communications Certificate (UCC) into Microsoft Exchange Server 2007:

Your Entrust Unified Communications Certificate (UCC) will be sent to you in confirmation email with a link to retrieve the certificate. The certificate will be displayed in the following format:

-----BEGIN CERTIFICATE-----
MIIC4zCCAkygAwIBAgIBAzANBgkqhkiG9w0BAQUFADBFMQs
wCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW
9uMRwwGgYDVQQDExNHVEUgQ3liZXJUcnVzdCBSb290MB4XD
YwZDAPBgNVHRMECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBB
jBBBgNVHR8EOjA4MDagNKAyhjBodHRwOi8vY2RwLmJhbHRp
bW9yZS5jb20vY2dpLWJpbi9DUkwvR1RFUm9vdC5jZ2kwDQY
JKoZIhvcNAQEFBQADgYEAgbZwffFU+FjjNYTSoUFyRAAysI
auOknVaLteQPQJxBGLMhXGdfejVBTWLb1UTFBQXNNCiqm8C
o+dYikuVB+0/1habRkb+k4vFe6tn5IvQMnfhZbSJNoXn5Il
GVDWQYlfC0/R1wjfv+U6rzTJbJ7WXX0Ka5jKLKuckXNvu7E
qOA4=
-----END CERTIFICATE-----

You will need to save it to your computer as a certificate file (.cer) or (.crt)

  1. Copy the Entrust Unified Communications Certificate (UCC) and be sure to include the "----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines.
  2. Paste the Entrust Unified Communication Certificate into a text editor such as Notepad and ensure that the entire text is flushed to the left with no leading or trailing white space.
  3. Save the certificate file as .cer or .crt
  4. Once you have saved the certificate file to your computer, you must then install the certificate with the Import-ExchangeCertificate cmdlet.

    Important:
    Do not use the Certificate snap-in to import the certificates for any service on an Exchange server. Using the Certificate snap-in to import certificates on Exchange servers will fail. Therefore, TLS or other Exchange certificate services will not work.

    The following example shows how to import a certificate for SMTP TLS:
    Import-ExchangeCertificate -Path c:\certificates\mail1.entrust.com.cer Enable-ExchangeCertificate -Services SMTP

    Parameters defined:

    Import-ExchangeCertificate — Imports a certificate or chain of certificates that have been issued from a certification authority.

    -Path — Specifies a path of the file that you want to import.

    Enable-ExchangeCertificate — Enables and disables an existing certificate that is in the local certificate store for different services

    -Services — Specifies the services that will use the resulting certificate. Valid entries include a combination of the following:

    • IMAP
    • POP
    • UM
    • IIS
    • SMTP
    • None
  5. In order to see if your certificate has been installed and enabled for the right service, you can use the Get-ExchangeCertificate cmdlet:

    Get-ExchangeCertificate

    You will be shown a list of certificates including their thumbprint, the services they can be used for as well as the Subject name. In this case, the certificate with the thumbprint ending in D5765 has been enabled for SMTP, IMAP, POP3, and WEB but not for UM (Unified Messaging)