Hi. I’m pretty new to this whole PKI/certificate world (but I’ve read a lot already).
I have a Win Server 2019 running Exchange Server 2019, and all I want is to get a Let’s Encrypt certificate bound to the Exchange Server - we are not using the web server to host anything public other than Outlook on the Web. Everything I’ve read so far indicates that I have to get a certificate for my IIS and then bind that to the Exchange Server. I have the server configured as a CCS (Centralized Certificate Server) in case that matters.
My questions so far:
- Can I implement a certificate directly and only for my Exchange server (without doing IIS first)?
- What site name should I use, i.e., I’m going to have to create a public domain name accessible via http port 80, right? Again, I don’t need or want to make an IIS site publicly accessible (other than Outlook/web)
- I haven’t installed CertifyTheWeb yet - will I be able to accomplish the automated binding to the Exchange server, and the re-binding required after every certificate renewal, using the program? (or will I, for example, have to create a Power Shell script for that)
Thanks very much