what kind of certificate to download ? In my case, is Certificate Chain ?Ĥ. When requesting a certificate from CA authority server (also Active Directory of Exchange server), I’ve 2 options : Download a “ROOT CA” or “Certificate Chain”. (please review the table as below) ? IF not, is it possible ?
We’ve to add the names in SAN to DNS server. To do my plan, create SAN is right way ?Ģ. Other domain names =, ,, Īll steps to create certificate/import are followed as inīut I still confuse about this. So, from Exchange server, I create a SAN with all information: To create a mailbox connecting to Exchange email, we only create name and give a exchange email)Īnd some guys tell me to use multiple hosts, you will create SAN certificate. Besides, Linux mail server also support Autodiscover option to lookup Exchange e-mail. (To add Exchange to Linux mail, we only put the name/IP of Exchange server and Administrator account into it. – Linux mail server: use host :, , to connect to Exchange server and use option Autosicover – Users of group_2 use host:, to create Exchange profile and get mail – Users of group_1 use host:, to create Exchange profile and get mail I’ve read some articles relating to SAN, but still confuse about it and I appreciate your help.Įxchange (ex.)(103.20.74.52) Linux mail server () (103.20.76.3) Place the certificate in the Trusted Root Certification Authorities store.Ĭomplete the import wizard and then refresh the Exchange Management Console, and the certificate should now be valid.Įxchange Server Certificates, Exchange 2010, SSL Right-click on Certificates and choose All Tasks and then Import.īrowse and choose the CA Certificate or Certificate Chain that you downloaded earlier. Navigate to Trusted Root Certification Authorities. Launch a new Microsoft Management Console (Start -> Run, mmc.exe) and add the Certificates snap-in to it, connecting to the Computer Account for the Local Computer. For a private certificate authority this can be obtained from the web enrollment page (eg Browse to the web page and click on Download a CA Certificate, Certificate Chain, or CRL.Ĭlick to download either the CA Certificate (if the certificate was issued by a root CA) or the Certificate Chain (if the certificate was issued by an intermediary CA).
To correct the problem you must install the root certificate for the certificate authority.
This may occur when the certificate has been issued by a private certificate authority. This can occur when the certificate cannot be verified to a trusted certificate authority. The certificate is invalid for exchange server usage A certificate installed on an Exchange Server 2010 server may display the following error message.