CSR-Microsoft Exchange 2007

To generate a CSR, you will need to use the Exchange Management Shell.

The CSR needs to contain the following attributes:

- Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
- State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
- Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
- Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
- Organizational Unit (OU): This field is the name of the department or organization unit making the request.
- Common Name (CN): The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com”.

Note: VeriSign certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain “domain.com” will receive a warning if accessing a site named “www.domain.com” or “secure.domain.com”, because ”www.domain.com” and “secure.domain.com” are different from “domain.com”.

Here is an example of the proper command syntax:

New-ExchangeCertificate -GenerateRequest -SubjectName “C=US, S=State, L=City, O=Company Name, OU=Organizational Unit, CN=www.website.com” -privatekeyexportable:$true -keysize 1024 -Path c:\certificate_request.txt

Note: For Extended Validation certificates the key bit length must be 2048 (-keysize 2048)

Please refer to Microsoft knowledge base at: http://technet.microsoft.com/en-us/library/aa998840.aspx