About this article
TLS X.509 cryptographic certificates are used to encrypt and secure the communication channels between the Templafy Email Signature Server and Exchange Online server over SMTP and Exchange Web Services.
These certificates may be self-signed or issued by a Certificate Authority and packaged in a PKCS #12 archive file.
- Generate the password protected self-signed Certificates
- Optional: Provide certificate password
- Optional: Provide a pre-generated certificate in PKCS #12 archive format
- Generate the self-signed certificates in PKCS #12 archives
- Generate key credentials to set in the Manifest of the EWS App registration
- Files the PowerShell script will generate:
azureAppRegistrationCertificate.pfx azureAppRegistrationCertificatePassword smtpTlsCertificate.pfx smtpTlsCertificatePassword keyCredentials.txt
Generate the password protected self-signed Certificates
- Start PowerShell as an Administrator
- You might need to run
Set-ExecutionPolicy Bypassto allow to execute our script
- Create and navigate to a folder where the Certificate will be stored, then run the PowerShell script
- A strong password securing the certificates will be generated automatically by the PowerShell script
Optional: Provide certificate password
- If you would like to provide the strong password, add a
-PromptForPasswordswitch to the script invocation.
> .\generateAndExportSelfSignedCertificateAndKeyCredentials.ps1 -PromptForPassword
- Provide a unique password that uses special characters, mixed case, and numbers that is at minimum 15 characters in length.
Optional: Provide a pre-generated certificate in PKCS #12 archive format
- If you would like to provide a pre-generated certificate, or Certificate Authority issued certificates, add a
-CertificatePath <path-to-pfx-archive-file>switch to the script invocation.
> .\generateAndExportSelfSignedCertificateAndKeyCredentials.ps1 -CertificatePath <path-to-pfx-archive-file>
- The five files listed above will be generated as output based on the provided certificate
- The provided file must be a certificate packaged in the PKCS #12 (.pfx) archive format.