How to Install Certificates on MDaemon Server

MDaemon does not have a method of creating a Certificate Signing Request (CSR) for you in order to obtain a third party SSL certificate issued by a Trusted Root Authority. Windows has a command line utility, certreq.exethat will allow you to create a certificate request and import the new certificate into the Windows Certificate Store, where it can be used with MDaemon.

1. Generating a CSR :

The example below will generate a CSR for a 2048 bit key length certificate.

• Log into your mail server using an Administrator account.

• Create a file named CSRParameters.inf on the C:\ drive using the contents below as a template:

;----------------- request.inf ----------------- [NewRequest] Subject="CN=mail.example.com,OU=XYZ CA Limited,O=XYZ CA Limited,S=New Jersey,L=Clifton,C=US" KeySpec=1 KeyLength=2048 Exportable=TRUE MachineKeySet=TRUE SMIME=False PrivateKeyArchive=FALSE UserProtected=FALSE UseExistingKeySet=FALSE ProviderName="Microsoft RSA SChannel Cryptographic Provider" ProviderType=12 RequestType=PKCS10 KeyUsage=0xa0 Silent=TRUE [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1;----------------------------------------------- 

• Open a command prompt.

• Change the directory to the C:\ path.

• Type in the following command:

C:\>certreq -new CSRParameters.inf CSR.pem

• Open Windows Explorer and browse to the C:\ directory to locate the CSR.pem file.

• Using the CSR.pem file, request your certificate.

2. Installing the Certificate :

• You will receive a ZIP containing your certificate (.CRT).
  

• On the server, open a command prompt.

• Navigate to the directory that contains the CRT file (C:\ in this example).

• Enter the following command (substitute mail.example.com.crt for the actual name of the .crt file you received from the certificate authority):

C:\>certreq -accept mail.example.com.crt

• The certificate will now be available in MDaemon when SSL/HTTP configurations have been created.