Whichever mechanism is used, once the request is processed,
the certificate authority returns a valid digital certificate. This certificate needs to be protected because it
contains both the public and the private key.
Chapter 6: Confi guring the Client Access Server Role
175
Importing the Certificate
Once the digital certificate is received, the next step is to import the certificate into the computer ??™ s
certificate store. This step must be executed on the same machine that made the request. This is because
the security on the certificate is unique to the machine that ran the New-ExchangeCertificate cmdlet.
If the import is run on a different machine, the resulting imported certificate will not have the private
key, and it will not be usable for the next step.
Import-ExchangeCertificate -Path < String > [-DomainController < Fqdn > ]
[-FriendlyName < String > ] [-Password < SecureString > ]
In the test environment example, the following is the cmdlet used to import the certificate:
Import-ExchangeCertificate -Path C:\temp\certreq.req
If a mistake is made after a certificate is imported, it can be removed with the
Remove- ExchangeCertificate cmdlet. This cmdlet requires confirmation in order
to complete the action, as shown in Figure 6-7.
Figure 6-7
Part II: Working with Server Roles
176
Enabling the Certificate
The final step is to enable the certificate.
Pages:
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274