Home > Forms and Procedures > Procedures > UIT Procedures > Infrastructure Procedures > SSL Certificate

SSL Certificate

Table of contents


SSL Certificates are encryption keys issued and verified by a third party and used for security purposes.  The steps are for a yearly renewal.



  1. To generate the new key:  Start the IIS Administration on SAPPHIRE to generate a renewal request.  Go to Certificate Console > Run > MMC > Add/Remove Snap-ins > Add Certificates  > Choose “computer account” > Next > Finish> Okay
  2. Once in certificate console > Drill down on Personal > Certificates> To renew right click on certificates > All Tasks Request > Renew.  (This sends a request to VeriSign .  This can be placed in directory on C drive.
  3. At the VeriSign site (www.verisign.com) you request the newest certificate using the certificate request from above (basically a scrambled code pasted in) at the cost of $1,000.  VeriSign will send a new certificate code via email.
  4. Activate the new certificate by inserting the VeriSign code in to IIS Manager by going to IIS > Choose Default website > Properties> Directory Security Tab > Server Certificate > opens a Wizard > Replace current certificate > Browse to find new > Replace
  5. View Certificate Button > Certificate will show up but not active > Activate certificate to create the file sent to Verisign.
  6. Create MMC console by going to Run > type in MMC> Add snap-in on IIS>Pick certificates (save copy to desktop to export the certificate from Sapphire.
  7. Go into IIS > Default web > Properties > Directory Security > Server Certificate > Next – open Wizard > Go into Exchange System Manager and drill down to server SAPPHIRE.  From there go to Protocols > POP3 > Right click on Default POP3 Virtual Server > Access tab > Click on certificate > Next > Select current certificate unless grayed then renew current > Next >

See available certificates > Protocols > Access > Other

Repeat process for IMAP.




  1. Remote Desktop to COBALT (this can only be done from Dennis’s machine  and SAPPHIRE).
  2. Start > Run > type MMC in Run box > Okay
  3. At the MMC console go to File> Add/Remove Snap-In > Select Certificates from list > Choose “computer account” > Next > Finish > Okay
  4. Snap-In for Certificate > Right Click > Personal > Import > Browse to find file exported from SAPPHIRE (type file is crt) and put on Sapphire d$ > Import Certificate > Close out of MCC Control
  5. Start> All Programs > Microsoft ISA Service > ISA Server Management > Cobalt > Firewall Policy > Double Click > Delta – https.owa Outlook web access > Click on listener tab > Click properties > Preference tab > SSL Certificate Select – select one just imported > Okay > Okay
  6. Reboot COBALT.

Add appointment in Calendar one week previous to next year’s expiration date.


You must to post a comment.
Last modified
14:17, 21 Feb 2014


This page has no custom tags.


This page has no classifications.