About This Site

I'm a Tech Guy for over 30 Years Knowledge of Computers, Networks, PC Gadgets. This site is to be used to share some of my knowledge and reviews
If you find info useful from this site then please consider to Donate

Create A New Self-Signed Certificate For Exchange 2010

I still have a few clients that are using self-signed certificates. Most of my clients I have purchased certificates especially if they are connecting externally with their phone. So I needed to create a new self-signed certificate for a client that recently expired. I Googled it and found many sites with different ways of doing it. I found this one that I used. Basically here are the steps:

From a Exchange Shell Command line you run this command.

$Data = New-ExchangeCertificate -GenerateRequest -SubjectName “c=US, o=Organization Name, cn=fqdn.organization.com” -DomainName organization.com, secondarydomain.com -PrivateKeyExportable $true
Set-Content -path “C:\Docs\MyCertRequest.req” -Value $Data

Now for me to use this I checked the expired certificate and found the Subject Name was CN=SERVERNAME . Also for the DomainName it was SERVERNAME and the secondary one is SERVERNAME.DOMAIN.LOCALĀ  I used the same parameters in order for it to work. Also the C:\Docs folder I created ahead of time.

Next thing you do is get the thumbprint

get-exchangecertificate

This will show all the thumbprint. I then copied the thumbprint of the first one (The new one) and then pasted it in the following

get-exchangecertificate -thumbprint asdfdefghijklmnopqrstuvwxyz | new-exchangecertificate

I did not do the 4th part. I changed the associated protocols using the Exchange GUI under Servers-Certificates.

Print Friendly, PDF & Email

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>