The following instructions will guide you through the CSR generation process on Microsoft Exchange 2016. To learn more about CSRs and the importance of your private key, reference our Overview of Certificate Signing Request article. If you already generated the CSR and received your trusted SSL certificate, reference our Microsoft Exchange 2016 SSL Installation Instructions and disregard the steps below.

Generate CSR for Microsoft Exchange 2016

  1. Login to Exchange Admin Center (EAC). EAC is generally accessed via browser using your server's URL (i.e. https://localhost/ecp)
  2. In EAC, on the left sidebar, click Servers.
  3. On the menu on the top of the page, click Certificates.
  4. On the certificates page, select your Exchange 2016 server from the Select Server menu. 
  5. Click the + symbol.
  6. In the Exchange Certificate wizard, select Create a request for a certificate from a certification authority, then click Next.
  7. Type in a Friendly Name for the certificate. It is recommended to include the Certificate Authority name and date in the friendly name so you can easily identify the request on the server. The friendly name is not included on the certificate.
  8. If you are not creating a wildcard CSR, click next. 
    • If you are creating a wildcard CSR, check Request a Wildcard certificate. The format for a wildcard common name is *.domain.com
  9. Store the certificate request on this server: click Browse and pick the server where the certificate request should be saved, then click Next.
  10. Select the domains to include on the SSL certificate. If you are creating a wildcard SSL, skip this step.
  11. On the next page, you may add, edit, or remove the domains to be included on the request.
  12. Enter the CSR details.Your CSR must include the following information:
    • Organization name
    • Organization unit/department
    • City/locality
    • State/region (do not abbreviate)
    • Country
  13. Save the certificate request to the following file: enter a UNC path to save the CSR.
  14. Click Finish.
  15. You can now open the CSR in a text editor like notepad to copy/paste or upload into our certificate order form. 

After finishing the generation process for your SSL certificate, you're ready to move on to validation. Please refer to our SSL validation guides for more information on the various requirements for each type of validation level. 

When you are ready to install the certificate, please check our Microsoft Exchange 2016 SSL Installation guide.