How To

How to Install Certificates on MDaemon Server

MDaemon does not have a method of creating a Certificate Signing Request (CSR) for you in order to obtain a third party SSL certificate issued by a Trusted Root Authority. Windows has a command line utility, certreq.exethat will allow you to create a certificate request and import the new certificate into the Windows Certificate Store, where it can be used with MDaemon.

1. Generating a CSR :

The example below will generate a CSR for a 2048 bit key length certificate.

  • Log into your mail server using an Administrator account.
  • Create a file named CSRParameters.inf on the C:\ drive using the contents below as a template:
;----------------- request.inf ----------------- 
[NewRequest]
 Subject="CN=mail.example.com,OU=XYZ CA Limited,O=XYZ CA Limited,S=New Jersey,L=Clifton,C=US"
 KeySpec=1
 KeyLength=2048
 Exportable=TRUE
 MachineKeySet=TRUE
 SMIME=False
 PrivateKeyArchive=FALSE
 UserProtected=FALSE
 UseExistingKeySet=FALSE
 ProviderName="Microsoft RSA SChannel Cryptographic Provider"
 ProviderType=12
 RequestType=PKCS10
 KeyUsage=0xa0
 Silent=TRUE
 [EnhancedKeyUsageExtension]
 OID=1.3.6.1.5.5.7.3.1
;----------------------------------------------- 
  • Open a command prompt.
  • Change the directory to the C:\ path.
  • Type in the following command:

C:\>certreq -new CSRParameters.inf CSR.pem

  • Open Windows Explorer and browse to the C:\ directory to locate the CSR.pem file.
  • Using the CSR.pem file, request your certificate.

2. Installing the Certificate :

  • You will receive a ZIP containing your certificate (.CRT).
  • On the server, open a command prompt.
  • Navigate to the directory that contains the CRT file (C:\ in this example).
  • Enter the following command (substitute mail.example.com.crt for the actual name of the .crt file you received from the certificate authority):

C:\>certreq -accept mail.example.com.crt

  • The certificate will now be available in MDaemon when SSL/HTTP configurations have been created.