CERTIFICATE SIGNING REQUEST (CSR) GENERATION INSTRUCTIONS FOR MICROSOFT EXCHANGE 2007

Note: The recommended key bit size is 2048-bit.

            Click Start

1. Click All Programs
2. Click Microsoft Exchange Server 2007
3. Click Exchange Management Shell
4. From the Exchange Management Shell enter the following command:
   
   New-ExchangeCertificate -GenerateRequest -SubjectName "C=US, S=State, L=City, O=Organization, OU=Organizational Unit, CN=www.website.com" -privatekeyexportable:$true -keysize 2048 -Path c:\certificate_request.txt
   
   The CSR needs to contain the following attributes:
   
   Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
   State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
   Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
   Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
   Organizational Unit (OU): This field is the name of the department or organization unit making the request.
   Common Name (CN): The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.com".
   Subject Alternative Names (SANs): During enrollment for the SSL certificate, SANs can be entered into the enrollment fields.