From LedHed's Wiki
| (2 intermediate revisions by the same user not shown) | |||
| Line 12: | Line 12: | ||
If the current Certificate is in use then you will be prompted to overwrite it.<br> | If the current Certificate is in use then you will be prompted to overwrite it.<br> | ||
| + | |||
| + | ''' ''NOTE: '' ''' IF you want to export this certificate (i.e. you want to deploy it via Group Policy) then you need to pass this flag at the time of creation, you '''cannot''' change this setting without creating a new certificate! | ||
| + | -PrivateKeyExportable:$true | ||
| Line 21: | Line 24: | ||
== Enable New Certificate for IIS == | == Enable New Certificate for IIS == | ||
| − | Enable-ExchangeCertificate -thumbprint | + | Enable-ExchangeCertificate -thumbprint "NEW_CERT_THUMBPRINT" -services IIS |
| − | + | ||
| − | + | ||
== Delete old Certificate == | == Delete old Certificate == | ||
| Line 34: | Line 35: | ||
== References == | == References == | ||
http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html | http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html | ||
| + | http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/managing-exchange-certificates.html | ||
[[Category:Exchange 2007]] | [[Category:Exchange 2007]] | ||
Latest revision as of 15:47, 25 January 2011
Contents
Get Current Certificate Info
From the Exchange Management Shell
Get the current Certificate:
Get-ExchangeCertificate -domain "MAIL_SERVER_HOSTNAME" | fl
Create a New Certificate
Generate a Certificate with a new expiration date:
Get-ExchangeCertificate -thumbprint "CURRENT_CERT_THUMBPRINT" | New-ExchangeCertificate
If the current Certificate is in use then you will be prompted to overwrite it.
NOTE: IF you want to export this certificate (i.e. you want to deploy it via Group Policy) then you need to pass this flag at the time of creation, you cannot change this setting without creating a new certificate!
-PrivateKeyExportable:$true
View the new Certificate
Get-ExchangeCertificate -thumbprint "NEW_CERT_THUMBPRINT" | fl
Enable New Certificate for IIS
Enable-ExchangeCertificate -thumbprint "NEW_CERT_THUMBPRINT" -services IIS
Delete old Certificate
From the Exchange Management Shell
Remove-ExchangeCertificate -thumbprint "OLD_CERT_THUMBPRINT"
References
http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/managing-exchange-certificates.html