This article explains the steps and information needed to purchase and add an SSL Certificate to your OWA or SharePoint service.

SSL Requirements:

First, you will be required to have 200 full Access mailboxes to qualify for implementation. This is due to the large amount of resources required to install/maintain on the load balancers. Additionally,we will require the following information to be submitted to us:


Common Name:


The common name is the fully-qualified domain name that plan to use as the protected URL. It must match your service's URL exactly. For example, if you access your OWA using http://mail.yourdomain.com/, you would submit mail.yourdomain.com. Some other examples might be:


team.yourdomain.com
owa.yourdomain.com


Please ensure that there are no typos in the Common Name that is submitted. A typo might require the purchase of another certificate depending on the Certificate Authorities refund policy.


We also require the following information to start the certificate process. These attributes must match the information listed in your domain registration information, as the Certificate Authority will cross-reference the certificate attributes with your domain information. This means the information should be current and will likely match your company address.


Company Name or Organization:
Division (optional):
Locality or City:
State or Province:
Country:



The following steps will be taken to generate and implement the SSL Certificate for your service:


  1. Please open a new Support ticket including the above information and ask the Support Team for a Certificate Signing Request (CSR).
  2. The Engineering Team will assign an IP address for your service and will generate an SSL Certificate key and a SSL CSR. Once this information has been generated, we will send it to you in a ticket reply.
  3. You will provide the CSR to your SSL Certificate Authority (CA) or re-seller when you purchase the certificate. Please note that we recommend Thawte certificates, as they have the highest rate of successful implementation without complications. The CA or re-seller will likely ask for the platform information where the certificate will be installed. This would be:

    F5 Big-IP

    If in doubt, you may call and tell the CA or re-seller the platform information above and they will suggest an appropriate certificate. Once the certificate purchase is complete, you should receive the SSL certificate (possibly protected with a password) and likely a chain certificate.
  4. You will then need to add a DNS A record that will point your Common Name to the IP Address we have provided. Please ensure this step is completed before the next step so we may test the configuration.
  5. Reply to the Support ticket with the SSL certificate and any chain certificates provided by the CA or re-seller. If the certificate is password-protected, please also provide us with the password.
  6. The Engineering team will then finish the SSL site configuration using the provided SSL certificate and any chain certificates, and test the site. We will then notify you once the configuration is complete