Author name: ssl

How to Install an SSL/TLS Certificate In Plesk 10 The following instructions will guide you through the SSL installation process on Plesk v.10. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Log in Log in to Parallels Plesk Panel Select Websites & Domains Select Websites & Domains tab in the top navigation menu. Click SSL Certificate Click the SSL Certificate link. Click Manage Click Manage next to the domain the certificate is for. Click Add SSL Certificate Click Add SSL Certificate. Upload the Certificate Files Upload the Certificate Files using either one of the two options below: Option 1: Upload certificate files This option will allow you to browse for your previously saved Private Key, Certificate (Your Server Certificate), and CA Certificate (Intermediate Certificates). Option 2: Upload certificate as text This option will allow you to copy your previously saved Private Key, Certificate (Your Server Certificate), and CA Certificate (Intermediate Certificates) from a text editor such as Notepad and paste into the blank text boxes. Note 1: If you made the CSR and private key outside of your Plesk account and failed to save the files, you will have problems proceeding and may need to re-issue the SSL certificate with a newly created key pair. Note 2: If you received the certificate in a ZIP file, click “Extract All” and then drag your server certificate into a text editor such as Notepad. This will allow you to copy all text contents needed including “—–BEGIN CERTIFICATE—– ” and “END CERTIFICATE—– “. Note 3: If you forgot to save the intermediate certificates, download the appropriate CA Bundle for your certificate. Click Send Files or Send Text Depending on which upload option you chose in the previoys step, click either Send Files or Send Text. Return to the Websites & Domains tab Return to the Website & Domains tab, select your Domain Name, and click Hosting Settings. Check SSL Support Check SSL Support and select your newly uploaded Certificate Name in the Certificate dropdown menu. Click OK Click OK. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.  

How to Install an SSL/TLS Certificate In Odin (Plesk v.11, 12, & 12.5) The following instructions will guide you through the SSL installation process on Odin (Plesk v.11, 12, & 12.5). If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Log in to Odin Log in to Odin, this can typically be accessed by going to https://domain.com:8443. Click Website & Domains In the Power User View, click Websites & Domains in the top navigation menu. Navigate to the correct Domain Navigate to the correct Domain Name by scrolling down and click Show More. Select Secure Your Sites Select Secure Your Sites as shown below. Click your Certificate Name Click the Certificate Name associated with your previously created Certificate Signing Request (CSR). Upload the Certificate Files Upload the Certificate Files using either one of the two methods below: Upload the certificate files – This option will allow you to browse for your previously saved Certificate(Your Server Certificate) and CA Certificate (Intermediate Certificates). Upload the certificate as text– This option will allow you to copy your previously saved Certificate (Your Server Certificate) and CA Certificate (Intermediate Certificates) from a text editor such as Notepad and paste into the blank text boxes.Note 1: If you received the certificate in a ZIP file, click “Extract All” and then drag your server certificate into a text editor such as Notepad. This will allow you to copy all text contents needed including “—–BEGIN CERTIFICATE—–“ and “END CERTIFICATE—–“.  Note 2: If you forgot to save the intermediate certificates, download the appropriate CA Bundle for your certificate. Click Send Files or Send Text Depending on the option you chose in Step 6. Click either Send Files or Send Text. Return to the Power User View Return to the Power User View, click Websites & Domains, select your Domain Name, and click Show More. Click Hosting Settings Click Hosting Settings in the options menu that appears after you select Show More Check SSL Support Check the option for SSL Support and select your newly uploaded Certificate Name in the Certificate drop-down menu. Click OK Scroll down and click OK. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.  

How to Install an SSL/TLS Certificate In Nginx (OpenSSL) The following instructions will guide you through the SSL installation process on Nginx. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Copy your Certificate Files Copy the Certificate Files into the proper directory on your server. Note: For better security, make them readable by root only. Link your files You need to link the two certificates (or “Concatenate” them) into a single file by entering the command below: cat your_domain_name.crt Intermediate.crt >> bundle.crt Edit your virtual host file Edit your Nginx virtual host file. Copy the existing server module (the non-secure one) and paste it below the original before adding the following lines in bold: server { listen443;     ssl on;     ssl_certificate /etc/ssl/your_domain_name.pem; (or  bundle.crt) ssl_certificate_key /etc/ssl/your_domain_name.key; server_name your.domain.com; access_log /var/log/nginx/nginx.vhost.access.log; error_log /var/log/nginx/nginx.vhost.error.log; location / { root  /home/www/public_html/your.domain.com/public/; index  index.html; } } Restart Nginx Restart Nginx using the command line below: sudo /etc/init.d/nginx restart Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.  

How to Install an SSL/TLS Certificate In Microsoft Office Communications 2007 The following instructions will guide you through the SSL installation process on Office Communications 2007. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Launch your Office Communications Server 2007 Click Start, then select Programs, then Administrative Tools, and finally Office Communications Server 2007. Expand your snap-in Expand the Enterprise Edition Server snap-in. Select Certificates Right-click the correct Server and select Certificates. Select Next After selecting Next, choose Process the pending request and install the certificate. Select your SSL Certificate Find your SSL Certificate and hit next. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.  

How to Install a TLS/SSL Certificate In Microsoft IIS 10 The following instructions will guide you through the SSL installation process on Microsoft IIS 10. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our IIS 10 CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Access Server in IIS Launch IIS Manager and click the server name in the Connections menu on the left. Open Server Certificates Manager On the Home page for the server, locate the IIS section in the center window and double-click Server Certificates. The Server Certificates control panel will open in the center window. Open Complete Certificate Request Wizard On the Actions menu on the right, click Complete Certificate Request… The Complete Certificate Request wizard will open in a new window. Specify Certificate Authority Response Click the …button to locate your certificate on your PC and add it into IIS. The Friendly Nameshould be something that helps you easily identify the certificate, such as the domain name, certificate authority, and expiration date, i.e. “domain.com Sectigo 12/25/2020” Finally, select Web Hostingas the certificate store and click OK to import your certificate. Set Certificate Bindings Return to the server home page in IIS. In the left-side Connectionsmenu, expand Sites and then click on the site that needs the SSL installed. On the Homepage for the website, in the right-side Actions menu, locate Edit Site and click Bindings… The Site Bindings window will open. If you are installing an SSL certificate for the first time, click Addto create a new binding. If you are replacing an old certificate, click the existing binding and then click Edit. In the Add Site Bindingswindow, select the following: Type: https IP Address: Select your site’s IP Address or All Unassigned. Port: 443 Host Name: Not required for single name certificate installation. If you are installing more than one certificate, or installing the certificate on more than one website, enter the host name (domain) that you want to secure and check the box to Require Server Name Indication. SSL Certificate: Select your site’s certificate from the drop-down menu. When all settings are configured, click OK. Your certificate should now be installed. You can navigate to your site in a web browser to check for the padlock, or use an online SSL Checker tool to verify the installation.  

How to Install an SSL/TLS Certificate In Microsoft IIS 8 The following instructions will guide you through the SSL installation process on Microsoft IIS 8 using a SSL certificate that only secures one domain name. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions (single name certificate) Launch IIS Manager Click Start, Control Panel, System and Security, Administrative Tools, and then select Internet Information Services (IIS) Manager. Select your server name In the left Connections menu, select the server name (host) where you want to install the SSL certificate. Click Server Certificates In the center menu, click the Server Certificates icon under the Security section near the bottom. Click Complete Certificate Request… In the right Actions menu, click Complete Certificate Request… Browse to your server certificate In the Complete Certificate Request wizard, click “…” to browse and select Your Server Certificate file that was previously saved on your server’s desktop. Name your certificate Enter a Friendly Name, which is an internal reference name to distinguish the file later. We recommend including the CAs name and expiration date. Select Personal Select Personal as your certificate store for the new certificate. Click OK Click OK and the newly installed certificate should appear in the refreshed Server Certificate List. Binding Your Certificate to Your Website Now, proceed with the remaining steps which will help you assign or bind the SSL certificate to the appropriate website. Access your Sites folder From the left Connections menu, expand your server’s name, expand the Sites folder, and then select the site (e.g. Default Web Site) that you want to secure. Click Bindings… In the right Actions menu, click Bindings… Click Add In Site Bindings…, if you are installing a new certificate and need to create a new binding, click Add. If you are renewing an expiring certificate, click the existing binding and click Edit.Note: If you already have the appropriate site binding created, click “Edit” and change the SSL certificate accordingly. Input the following In Add Site Binding, enter the following information: Type – Select “https.” IP Address– Select “All unassigned.” Now, if you have multiple IP address, select the correct one that applies. Port – Enter “443” unless you are listening to SSL traffic on another port (e.g. 992). SSL Certificates – Select the “friendly name” of the SSL certificate you just installed.  You can always click “View” to confirm the certificates validity details. Click Ok Click Ok to finish binding the SSL certificate to your live website. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect. To check your server’s configurations more thoroughly, use our SSL Checker Tool or contact our Customer Experience Department for additional assistance. SSL Installation Instructions (multiple certificates using SNI) The following instructions will guide you through the SSL installation process on Microsoft IIS 8 with multiple SSL certificate securing one or more domain names using Server Name Indication (SNI). If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. Launch IIS Manager Click Start, Control Panel, System and Security, Administrative Tools, and then select Internet Information Services (IIS) Manager. Select your server name In the left Connections menu, select the server name (host) where you want to install the SSL certificate. Click Server Certificates In the center menu, click the Server Certificates icon under the Security section near the bottom. Click Complete Certificate Request… In the right Actions menu, click Complete Certificate Request… Browse to your server certificate In the Complete Certificate Request wizard, click “…” to browse and select Your Server Certificate file that was previously saved on your server’s desktop. Name your certificate Enter a Friendly Name, which is an internal reference name to distinguish the file later. We recommend including the CAs name and expiration date. Select Web Hosting Select Web Hosting as your certificate store for the new certificate. Click Ok Click Ok and the newly installed certificate should appear in the refreshed Server Certificate List. Note: If you receive an error during this step, please reference the “Known Error Message in IIS 8” section below. Binding Your Certificates to Your Website (multiple certificates using SNI) Now, proceed with the remaining steps which will help you assign or bind the SSL certificate to the appropriate website. Access your Sites folder From the left Connections menu, expand your server’s name, expand the Sites folder, and then select the site (e.g. Default Web Site) that you want to secure. Click Bindings… In the right Actions menu, click Bindings… Click Add… In Site Bindings…, click Add…Note: If you already have the appropriate site binding created, click “Edit” and change the SSL certificate accordingly. Input the following In Add Site Binding, enter the following information: Type – Select “https.” IP Address– Select “All unassigned.” Now, if you have multiple IP address, select the correct one that applies. Port – Enter “443” unless you are listening to SSL traffic on another port (e.g. 992). SSL Certificates – Select the “friendly name” of the SSL certificate you just

How to Install an SSL/TLS Certificate In Microsoft IIS 7 The following instructions will guide you through the SSL installation process on Microsoft IIS 7. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Launch IIS Manager Click Start, Control Panel, Administrative Tools, and then select Internet Information Services (IIS) Manager. Select your server name In the left Connections menu, select the server name (host) where you want to install the certificate. Navigate to the Security section In the center menu, click the Server Certificates icon under the Security section near the bottom. Click Complete Certificate Request In the right Actions menu, click Complete Certificate Request. Browse to your Server Certificate In the Complete Certificate Request wizard, click “…” to browse and select Your Server Certificate file that was previously saved on your server’s desktop. Name your certificate Enter a Friendly Name which is an internal reference name to distinguish the file later. We recommend including the CAs name and expiration date. Click OK Click OK and the newly installed certificate should appear in the refreshed Server Certificate List. Note: If you receive an error during this step, please reference the “Known Error Messages in IIS 7” section below. Binding Your Certificate to Your Website Now, proceed with the remaining steps which will help you assign or bind the SSL certificate to the appropriate website. Access your Sites folder From the left Connections menu, expand your server’s name, expand the Sites folder, and then select the site (e.g. Default Web Site) that you want to secure. Click Bindings… In the right Actions menu, click Bindings… Click Add In Site Bindings…, click Add.Note: If you already have the appropriate site binding created, click “Edit” and change the SSL Certificate accordingly. Input the following In Add Site Bindings, enter the following information: Type – Select “https”. IP Address– Select “All unassigned”. Now, if you have multiple IP addresses, select the correct one that applies. Port – Enter “443” unless you are listening to SSL traffic on another port (e.g. 992). SSL Certificates – Select the “friendly name” of the SSL certificate you just installed.  You can always click “View” to confirm the certificates validity details. Click Ok Click Ok to finish binding the SSL certificate to your live website. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect. To check your server’s configurations more thoroughly, use our SSL Checker Tool or contact our Customer Experience Department for additional assistance. Known Error Messages in IIS 7 Microsoft IIS 7 is known to generate one of the two error messages: “Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created.” And “ASN1 bad tag value met.” If you are certain this is the same server where you generated the CSR, then the error may be meaningless and the certificate may have correctly installed. To test this, close the dialog and click “F5” to refresh the list of server certificates. The new certificate should now be in the list, and you can continue with the next step. However, if the newly installed certificate does not appear in the server certificate list, we recommend you re-issue the certificate with a new CSR and attempt the installation process again. Here are some instructions to guide you through the reissuance process: Generate a new CSR Generate a new Certificate Signing Request (CSR) in Microsoft IIS 7. Access your Account Control Panel Log in to your Account Control Panel. Select your Active Certificate Select your Active Certificate. Click Re-Issue Certificate Click the Re-Issue Certificate button. Paste your new CSR Paste in your new CSR. Complete Domain Validation Submit and complete domain validation again (if required). Save the new certificate Save the newly issued SSL certificate on your server’s desktop. Repeat the Installation Instructions Repeat the SSL installation process referencing the above instructions. Manual Intermediate Installation Instructions If the intermediate certificates did not successfully install and configure themselves accordingly, please reference the instructions below on how to manually install them in Microsoft IIS 7. Open your Intermediate Certificate Double-click the previously saved Intermediate Certificate from your server’s desktop and click Open. Click Install Certificate… In the Certificate, under the General tab, click Install Certificate… to start the importation process and then click Next. Select Place all certificates in the following store Select Place all certificates in the following store and click Browse. Check Show physical stores Check the Show physical stores box. Expand Intermediate Certification Authorities Expand the Intermediate Certification Authorities folder. Select Local Computer Select Local Computer, click OK, then Finish. Restart your server Restart your Microsoft IIS server.  

 How to Install an SSL/TLS Certificate In Microsoft IIS 5 & 6 The following instructions will guide you through the SSL installation process on Microsoft IIS 5 & 6. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Launch your IIS Manager Click Start, Control Panel, Administrative Tools, and then select Internet Information Services (IIS) Manager. Access your Web Sites folder In the left menu, click + next to your local computer and then Web Sites. Access your website’s Properties Right-click the website (i.e. Default Web Site) that you want to protect and click Properties. Go to Directory Security In the Default Web Site Properties window, select the Directory Security tab, click Server Certificate…, and then Next. Select Process the pending request and install the certificate Select Process the pending request and install the certificate and then click Next. Browse to your server certificate Click Browse and locate Your Server Certificate (.crt or .cer) that you previously saved on your server’s desktop.Note: In the Open window, select “All files (*.*) for Files of type. This will help when searching for the .crt or .cer file. Complete the installation Click Next, Next, and Finish to complete the installation process. Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect. To check your server’s configurations more thoroughly, use our SSL Checker Tool or contact our Customer Experience Department for additional assistance. Manual Intermediate Installation Instructions If the intermediate certificates did not successfully install and configure themselves, please reference the instructions below on how to manually install them in Microsoft IIS 5 & 6. Open your Intermediate Certificate Double-click the previously saved Intermediate Certificate from your server’s desktop and click Open. Click Install Certificate… In the Certificate, under the General tab, click Install Certificate… to start the importation process and then click Next. Select Place all certificates in the following store Select Place all certificates in the following store and click Browse. Check Show physical stores Check the Show physical stores box. Expand Intermediate Certification Authorities Expand the Intermediate Certification Authorities folder. Select Local Computer Select Local Computer, click Ok, then Finish. Restart your server Restart your Microsoft IIS server.  

How to Install an SSL/TLS Certificate In Microsoft Exchange 2010 The following instructions will guide you through the SSL installation process on Microsoft Exchange 2010. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Copy your certificate Copy your Primary Certificate to your Exchange Server’s desktop. Select Exchange Management Console Open the Start menu, go to Programs, select Microsoft Exchange 2010 and then choose Exchange Management Console. Select Server Configuration Click the Manage Databases link, then select Server Configuration. Select Complete Pending Request Find your certificate on the menu in the center of the screen, then click Complete Pending Request in the Actions menu.   Open your certificate Find your certificate file, then select Open, then Complete. Note: Exchange 2010 sometimes gives an error message, “The source data is corrupted or not properly Base64 encoded.” Hit the “F5” key to refresh and make sure it says “False” under “Self-Signed.” If it does still say true, you may need to regenerate your CSR on the current Exchange 2010 Server, or reissue your certificate. Enable your certificate Next you will need to enable your certificate, go back to the Exchange Management Console and select Assign Services to Certificate. Select your server Select your server, then click next. Choose your services Choose the services for which you would like to enable your new certificate: Next > Assign > Finish Note: If you prefer to install your certificate using Exchange Powershell, just run the following command where just the desired services are specified by the Enable-ExchangeCertificate segment of the command: Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\your_domain_name.p7b -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services “IIS,POP,IMAP,SMTP” Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.  

How to Install an SSL/TLS Certificate In Microsoft Exchange 2007 The following instructions will guide you through the SSL installation process on Microsoft Exchange 2007. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below. What You’ll Need Your server certificate This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order. Your intermediate certificates These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate. Your private key This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it. Installation Instructions Copy and save your certificate on your Exchange Server. Connect to your Exchange Server via FTP and copy your SSL Certificate File onto your Exchange Server’s desktop. Select Exchange Management Shell From the Start menu, choose MS Exchange Server 2007, then select Exchange Management Shell. Run the Import and Enable commands together Run the Import-ExchangeCertificate and Enable-ExchangeCertificate commands together: Import-ExchangeCertificate -Path C:\newcert.p7b | Enable-ExchangeCertificate –Services “SMTP, IMAP, POP, IIS” Note: Both commands are run on the same line, divided by a “pipe” character. Verify the certificate has been enabled To verify whether or not the certificate has been enabled, run the following command: C:\> Get-ExchangeCertificate -DomainName your.domain.name Note: In the Services column, SIP and W are abbreviations for “SMTP,” “IMAP,” “POP3” and “Web (IIS). If the Certificate is not properly enabled, run the Enable-ExchangeCertificate command line again by copying the thumbprint of your certificate as shown below: Enable-ExchangeCertificate -ThumbPrint [paste] -Services “SMTP, IMAP, POP, IIS” Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect. To check your server’s configurations more thoroughly, use our SSL Checker Tool or contact our Customer Experience Department for additional assistance. Manual Intermediate Installation Instructions Select Run Open the Start menu, select Run… Access mmc Type mmc, click OK. The Microsoft Management Console window should open. Select Add/Remove Snap-In Select the File menu, choose Add/Remove Snap-In. Add a Certificate Click Certificates, then Add. Select the correct account Select the correct computer account, then Next. Choose Local Computer Choose Local Computer, then click Finish. Click OK Click OK to close Add/Remove Snap-Ins. Expand the Certificate folder In the Console window, expand Certificates. Import your intermediate certificate Right-click on Intermediate Certification Authorities, hover over All Tasks, then select Import. Click Next The Certificate Import Wizard should appear, click Next. Select Browse Select Browse and locate the Intermediate Certificate file. Change the extension to PKCS #7 Change the extension filter in the bottom right corner to: PKCS #7 Certificates (*.spc;*.p7b). Open the Certificate File Select the Certificate File and click Open. Click Next Choose Next. Click Place All Certificate in the Following Store Click Place All Certificate in the Following Store. Select Browser Select Browser, choose Intermediate Certification Authorities, then click Next. Select Finish Select Finish.