Jan 6, 2023

To generate a CSR, use the Exchange Management Shell. To access the Exchange Management Shell perform the following steps:


Note: The recommended key bit size is 2048-bit.

            Click Start

  1. Click All Programs
  2. Click Microsoft Exchange Server 2007
  3. Click Exchange Management Shell
  4. From the Exchange Management Shell enter the following command:

    New-ExchangeCertificate -GenerateRequest -SubjectName "C=US, S=State, L=City, O=Organization, OU=Organizational Unit, CN=www.website.com" -privatekeyexportable:$true -keysize 2048 -Path c:\certificate_request.txt

    The CSR needs to contain the following attributes:

    Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
    State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
    Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
    Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
    Organizational Unit (OU): This field is the name of the department or organization unit making the request.
    Common Name (CN): The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.com".
    Subject Alternative Names (SANs): During enrollment for the SSL certificate, SANs can be entered into the enrollment fields.



Have any Questions


If you have any questions, feel free to call us