Knowledge Base

Certificate Installation - MDaemon

May 25, 2018 in SMTP

MDaemon does not have a method of creating a Certificate Signing Request (CSR) for you in order to obtain a third party SSL certificate issued by a Trusted Root Authority (such as Sectigo).
Windows has a command line utility, certreq.exe that will allow you to create a certificate request and import the new certificate into the Windows Certificate Store, where it can be used with MDaemon.

1. Generating a CSR :

The example below will generate a CSR for a 2048 bit key length certificate.

  • Log into your mail server using an Administrator account.
  • Create a file named CSRParameters.inf on the C:\\ drive using the contents below as a template:
;----------------- request.inf ----------------- 
[NewRequest]
 Subject='CN=mail.example.com,OU=Comodo CA Limited,O=Comodo CA Limited,S=New Jersey,L=Clifton,C=US'
 KeySpec=1
 KeyLength=2048
 Exportable=TRUE
 MachineKeySet=TRUE
 SMIME=False
 PrivateKeyArchive=FALSE
 UserProtected=FALSE
 UseExistingKeySet=FALSE
 ProviderName='Microsoft RSA SChannel Cryptographic Provider'
 ProviderType=12
 RequestType=PKCS10
 KeyUsage=0xa0
 Silent=TRUE
 [EnhancedKeyUsageExtension]
 OID=1.3.6.1.5.5.7.3.1
;-----------------------------------------------
  • Open a command prompt.
  • Change the directory to the C:\\ path.
  • Type in the following command:

C:\\>certreq -new CSRParameters.inf CSR.pem

  • Open Windows Explorer and browse to the C:\\ directory to locate the CSR.pem file.
  • Using the CSR.pem file, request your certificate from Comodo.

2. Installing the Certificate :

  • You will receive a ZIP containing your certificate (.CRT).
  • On the server, open a command prompt.
  • Navigate to the directory that contains the CRT file (C:\\ in this example).
  • Enter the following command (substitute mail.example.com.crt for the actual name of the .crt file you received from the certificate authority):

C:\\>certreq -accept mail.example.com.crt

  • The certificate will now be available in MDaemon when SSL/HTTP configurations have been created.
  • You can verify the certificate installation using our SSL Checker.

Related Articles :

Related articles