The syntax for installing an SSL certificate in Exchange 2010 has changed slightly from the 2007 version. Below is the new syntax
These first set of strings is the Certificate signing request or CSR. This must be generated from the Exchange server on which you will be installing the certificate.
$CSR = New-ExchangeCertificate –generaterequest -keysize 2048 -SubjectName "DC=CompanyName, DC=com, O=Company, CN=mail.example.com" –DomainName mail.example.com, internalserver.example.com, internalserver, mail -IncludeAutoDiscover -PrivateKeyExportable $true –Verbose
This string will allow you to export the CSR to send to your certificate provider.
Set-Content -Path "C:\2010certreq.txt" -Value $CSR
The below string will allow you to import the CSR file that is returned to you by your certificate provider.
import-exchangecertificate -FileData ([Byte]$(Get-Content -Path C:\mail.example.com.crt -Encoding byte -ReadCount 0))
This string will allow you to enable the certificate for the services that you use on your server.
Enable-ExchangeCertificate -Thumbprint CE8U7E6AA2338A77F2C2FC29027C8F37DFI8R7R6 -Services IMAP,POP,IIS,SMTP
Run the below command to verify the installation.
Microsoft's instructions for the "Enable-ExchangeCertificate" cmdlet can be found at the URL below.