Let’s save that file on the file system and then open Exchange Management Console and right-click on the Certificate entry that we started in the previous step.
#Exchange 2010 renew certificate install#
Now that we have requested, and got a new certificate, it’s time to install the file provided by your Certification Authority.
The result will be a file that will be sent to your e-mail or can be download from your Public Certification Authority page. Let’s select all content and then copy and paste into the Certificate that your public certification authority will provide to you. Basically, we can open the request using notepad and the content of the file will be similar to the one shown in Figure 10. Time to request the certificate on your Public Certification Authority (the same thing applies for an Internal CA). If we go back to Exchange Management Console and check the server certificates we will notice that the new request is there however it shows that it is pending and there are no services associated to it (Figure 08), we can also check the same information using our well-known Get-ExchangeCertificate using Exchange Management Shell (Figure 09)
#Exchange 2010 renew certificate how to#
We will have a summary containing all cmdlets used to generate the request and now finally we have the request good to go, as shown in Figure 07.Īlso the wizard gives you a step by step based on which certificate you requested and how to proceed to deploy the new request. In our example we are using a single SMTP domain and for that reason we are going to use for Outlook Anywhere and Web Services and for the Autodiscover (by choosing that we are defining that the Autodiscover on the Internet will be using Long URL), as shown in Figure 05. A dialog box will show up about the reset, just click on Yes and you are back to square one, as shown in Figure 04.Īn important setting that we need to define is the Client Access Server (Web Services, Outlook Anywhere and Autodiscover) section. One last thing about this page, if something goes wrong with the naming process and you want to start from scratch just click on the Reset button.
However we are following the best practices here and we are going to use a few names which simplify the process. So, in theory you can define a different name for a couple of different services, for example: ActiveSync, and OWA, then each name will be added to the same certificate, and finally that certificate will be associated to IIS. Bear in mind that during the Assign Services phase we have only a few services where we can associate the certificate which are SMTP, IIS, POP, and IMAP.