Installing an SSL certificate on Exchange 2010

Exchange 2010 Logo

The syntax for installing an SSL certificate in Exchange 2010 has changed slightly from the 2007 version. Below is the new syntax

These first set of strings is the Certificate signing request or CSR. This must be generated from the Exchange server on which you will be installing the certificate.

$CSR = New-ExchangeCertificate –generaterequest -keysize 2048 -SubjectName "DC=CompanyName, DC=com, O=Company, CN=mail.example.com" –DomainName mail.example.com, internalserver.example.com, internalserver, mail -IncludeAutoDiscover -PrivateKeyExportable $true –Verbose

This string will allow you to export the CSR to send to your certificate provider.

Set-Content -Path "C:\2010certreq.txt" -Value $CSR

The below string will allow you to import the CSR file that is returned to you by your certificate provider.


import-exchangecertificate -FileData ([Byte[]]$(Get-Content -Path C:\mail.example.com.crt -Encoding byte -ReadCount 0))


This string will allow you to enable the certificate for the services that you use on your server.


Enable-ExchangeCertificate -Thumbprint CE8U7E6AA2338A77F2C2FC29027C8F37DFI8R7R6 -Services IMAP,POP,IIS,SMTP

Run the below command to verify the installation.

Get-ExchangeCertificate

Microsoft's instructions for the "Enable-ExchangeCertificate" cmdlet can be found at the URL below.

http://technet.microsoft.com/en-us/library/aa997231.aspx

Be Sociable, Share!

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2017 | First Mag designed by Themes4WP