When Exchange 2007 is installed, it creates a self-signed certificate that is valid for 1 year. After one year it needs to be renewed. The following explains the process using the Exchange Management Shell.
1. Get the current certificate. Type:
Get-ExchangeCertificate
This will list the current certificates for Exchange and what they are assigned to:
Thumbprint                                Services  Subject
----------                                --------  -------
D85FEC52584B56345987EE6D0BC6C222E2699ECA  IP.WS     CN=exchangeservername
You should note which services are enabled on the current certificate. They are shown in the Services column, after the Thumbprint (the long number), in the format IPUWS, where a dot means that service is not enabled:
S=SMTP, I=IMAP, P=POP, W=IIS, U=Unified Messaging
In our case we aren’t using Unified Messaging, so it should be IP.WS.
2. Next we need to run the command to clone and renew the certificate:
Get-ExchangeCertificate -Thumbprint "D85FEC52584B56345987EE6D0BC6C222E2699ECA" | New-ExchangeCertificate
This clones the previous certificate; the clone has a new Thumbprint. To view the new certificate, run the Get-ExchangeCertificate command again and it will display the 2 certificates:
Thumbprint                                Services  Subject
----------                                --------  -------
34DCBAC44E3FD6EA1074BFC954B3CE3D64056A2B  IP..S     CN=exchangeservername
D85FEC52584B56345987EE6D0BC6C222E2699ECA  IP.WS     CN=exchangeservername
As you will see, all default services were loaded with the exception of IIS.
3. To enable the new certificate and specify which services it should be used for, type the following. In our case we’re not using Unified Messaging, so:
Enable-ExchangeCertificate -Thumbprint "34DCBAC44E3FD6EA1074BFC954B3CE3D64056A2B" -Services "IMAP, POP, IIS, SMTP"
4. Run the Get-ExchangeCertificate command again to confirm that the required services are included for the new certificate. It should display as:
Thumbprint                                Services  Subject
----------                                --------  -------
34DCBAC44E3FD6EA1074BFC954B3CE3D64056A2B  IP.WS     CN=exchangeservername
D85FEC52584B56345987EE6D0BC6C222E2699ECA  IP..S     CN=exchangeservername
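Steps 1 to 4 as one script, for servers where the thumbprints are not known in advance. This is an added example, not part of the original post; the 30-day threshold and the variable names are assumptions, and it goes beyond the steps above by selecting certificates on their NotAfter, IsSelfSigned and Services properties and by reading the service list from the old certificate before cloning it.

```powershell
# Added example, not from the original post. Run in the Exchange Management Shell.
# Assumption: renew anything that expires within $WarnDays days (hypothetical threshold).
$WarnDays = 30
$cutoff   = (Get-Date).AddDays($WarnDays)

# Self-signed certificates that are assigned to at least one service and expire soon.
$expiring = @(Get-ExchangeCertificate | Where-Object {
    $_.IsSelfSigned -and ($_.Services -ne 'None') -and ($_.NotAfter -lt $cutoff)
})

if ($expiring.Count -eq 0) {
    Write-Host "No self-signed certificate expires before $cutoff."
}

foreach ($old in $expiring) {
    # Step 1: record the old certificate's services before anything changes them.
    $services = $old.Services
    Write-Host "Renewing $($old.Thumbprint) ($services), expires $($old.NotAfter)"

    # Step 2: clone the old certificate; the clone gets a new thumbprint.
    $new = Get-ExchangeCertificate -Thumbprint $old.Thumbprint | New-ExchangeCertificate

    # Step 3: assign the recorded services to the clone, so IIS is not left behind.
    Enable-ExchangeCertificate -Thumbprint $new.Thumbprint -Services $services

    # Step 4: confirm the clone now carries every service the old certificate had.
    $check = Get-ExchangeCertificate -Thumbprint $new.Thumbprint
    if (([int]$check.Services -band [int]$services) -ne [int]$services) {
        Write-Warning "$($new.Thumbprint) has '$($check.Services)', expected '$services'"
    } else {
        Write-Host "$($new.Thumbprint) now serves $($check.Services) until $($check.NotAfter)"
    }
}
```

A warning from step 4 means clients of the missing service are still being served the old certificate, which will stop validating when it expires.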
Resource: http://technet.microsoft.com/en-us/library/aa998327.aspx
