About This Site

I'm a Tech Guy for over 30 Years Knowledge of Computers, Networks, PC Gadgets. This site is to be used to share some of my knowledge and reviews

Create A New Self-Signed Certificate For Exchange 2010

I still have a few clients that are using self-signed certificates. Most of my clients I have purchased certificates especially if they are connecting externally with their phone. So I needed to create a new self-signed certificate for a client that recently expired. I Googled it and found many sites with different ways of doing it. I found this one that I used. Basically here are the steps:

From a Exchange Shell Command line you run this command.

$Data = New-ExchangeCertificate -GenerateRequest -SubjectName “c=US, o=Organization Name, cn=fqdn.organization.com” -DomainName organization.com, secondarydomain.com -PrivateKeyExportable $true
Set-Content -path “C:\Docs\MyCertRequest.req” -Value $Data

Now for me to use this I checked the expired certificate and found the Subject Name was CN=SERVERNAME . Also for the DomainName it was SERVERNAME and the secondary one is SERVERNAME.DOMAIN.LOCALĀ  I used the same parameters in order for it to work. Also the C:\Docs folder I created ahead of time.

Next thing you do is get the thumbprint


This will show all the thumbprint. I then copied the thumbprint of the first one (The new one) and then pasted it in the following

get-exchangecertificate -thumbprint asdfdefghijklmnopqrstuvwxyz | new-exchangecertificate

I did not do the 4th part. I changed the associated protocols using the Exchange GUI under Servers-Certificates.

Comments are closed.