Share via

  • Article

Appendix A: Generate an Offline Request (for a Public CA)

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

This section describes the procedures for requesting a certificate from a Public CA. If you need to generate an offline request or you are using a public CA, use the following set of instructions to request and process the certificate.

To request the certificate

  1. On the server on which you have installed Office Communications Server, click Start, click Programs, click Administrative Tools, and then click Office Communications Server 2007.

  2. In the snap-in, expand the nodes until you reach the Enterprise Edition Server that you installed.

  3. Right-click the server name, and then click Certificates.

  4. On the Welcome to the Certificate Wizard page, click Next.

  5. On the Available Certificate Tasks page, click Create a new certificate, and then click Next.

  6. Select Prepare the request now, but send it later, and then click Next.

  7. Click Name, and then type the name for the new certificate. For example, you can use the pool FQDN or the server name as the certificate name.

  8. Clear the Mark cert as exportable check box, and then click Next.

  9. Click Organization, and then type your organization name.

  10. Click Organizational unit, type the name of your department, and then click Next.

  11. Click Subject name, and then type the FQDN of the pool.

  12. Select the Automatically add local machine name to the Subject Alt Name check box, and then click Next.

  13. Select your Country/Region, State/Province, and City/Locality, and then click Next.

  14. Click Browse, choose a location, enter a File name (with a .txt extension) for the certificate request, and then click Save.

  15. Verify the path and file name of the certificate request file in the File name box, and then click Next.

  16. Review the request information, and then click Next.

  17. Click Finish.

Repeat these steps on the other Front End Servers.

Issuing the Certificate Request

If you are an administrator on the certificate authority, to issue the certificate after you have generated the request, complete the next procedure. If you are not an administrator on the certification authority, complete the procedure, Submitting an Offline Request to a Public CA, later in this topic.

To issue a certificate

  1. Click Start, and then click Run. In the Open box, type mmc, and then click OK.

  2. On the File menu, click Add/Remove Snap-in.

  3. Click Add, click Certification Authority, and then click Add.

  4. Click Another computer, and then click Browse.

  5. Choose your CA, and then click OK.

  6. Click Finish.

  7. Click Close.

  8. Click OK.

  9. In the snap-in, expand the Certification Authority node.

  10. Right-click your CA, click All Tasks, and then click Submit new request.

  11. In the Open Request File dialog box, go to and click the certificate request (.txt) file that you created by using the wizard, and then click Open.

  12. In the Save Certificate dialog box, enter a File name (with an X.509 extension, .cer, .crt, or .der) for the certificate, and then click Save.

  13. Close the CA snap-in.

Repeat these steps on each server in the pool for which you generated an offline certificate request.

Submitting an Offline Request to a Public CA

If you are not an administrator on the certification authority or if you use a public CA, after you have generated the certificate request, access the public CA site to submit the request. Depending on the CA, the process will vary, but you generally need to supply your organizational and contact information.

If you are prompted, choose the following options:

  • Microsoft as the server platform

  • IIS as the version

  • Web Server as the certificate usage type

  • PKCS7 as the response format

After the public CA has verified your information, you will receive an e-mail message that contains the text that is required for the certificate.

Process the Pending Certificate Request

After you submit the certificate request, verify that the certificate was downloaded correctly and that is has been bound to the local computer store.

To process the certificate from the Public CA

  1. On the server on which you have installed Office Communications Server, click Start, click Programs, click Administrative Tools, and then click Office Communications Server 2007.

  2. In the snap-in, expand the nodes until you reach the Enterprise Edition Server that you installed.

  3. Right-click the Office Communications Server, and then click Certificates.

  4. On the Welcome to the Configure Certificate Wizard page, click Next.

  5. Click Process the pending request and install the certificate, and then click Next.

  6. In Path and file name, do one of the following:

    • Enter the location and file name of the .cer file that was issued to you by the CA, and then click Next.

    • Click Browse. Locate the certificate issued to you by the CA, and then click Open.

  7. Verify the certificate location and file name in the Path and file name box, and then click Next. The certificate is installed to the local computer store.

  8. Click View Certificate to view the details of the certificate, and then close the certificate.

  9. Click Finish.