Configure TLS on Exchange 2010 with own certificate

In this article, I try to describe how to use the certificate signed by own CA to configure TLS on Exchange server 2010. The OpenSSL setting on crlDistributionPoints is very important, without a reachable CRL Distribution Point the certificate will not work (properly) in Exchange. Please read the PDF version for the details.