3,477 views
Exchange 2010 Certificates
Published October 24, 2009 | 
In an older blog post on Certificate Authorities, I have provided some information about the process to generate Exchange 2007 certificates. This process has slightly changed in Exchange 2010, and Johan Delimon (pro-exchange.be) has written an excellent article about this : Generating Exchange 2010 Certificates (Exchange Management Shell)
The 2 most important changes are :
- the new-exchangecertificate cmd-let no longer supports the -path variable (so requests cannot be written directly to disk)
- the 2007 GUI at Digicert still uses the -path parameter, so a new GUI was created to support 2010 certificate requests
In short, the updated procedure is :
- generate the powershell command using an updated gui at Digicert : https://www.digicert.com/easy-csr/exchange2010.htm
- Save the exchange certificate request into a $Data variable
- Write the contents of the $Data variable to a file (Set-Content -path “c:\request.req” -Value $Data)
Then, sign and import the certificate (bb124424(EXCHG.140).aspx)
.
© 2009 – 2021, Peter Van Eeckhoutte (corelanc0d3r). All rights reserved.
Similar/Related posts:
Exchange 2007/2010 : Renaming attachments ‘on the fly’ – custom transport agent
Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc
Fixing Exchange 2007 Offline Address Book generation (oalgen) and distribution issues
Juniper ScreenOS : defeating iBGP full mesh requirement using route reflectors and confederations
Windows 2008 PKI / Certificate Authority (AD CS) basics
Donate
Want to support the Corelan Team community ? Click here to go to our donations page.
Want to donate BTC to Corelan Team?
Your donation will help funding server hosting.
Your donation will help funding server hosting.
