How to work with Exchange and Certificates


There are several ways to obtain a certificate that is installed and operational on Exchange 2007. Your choice of method depends on your needs. Exchange 2007 generates a set of self-signed certificates to enable the default configuration to be secured. This should be renewed over time to help ensure security of the system. Exchange does not automatically generate requests for signing by certificate authorities. Whether you want to create a new self-signed certificate or a certificate request for a certification authority, both methods use the same cmdlet.

This section provides an overview of the operations that you can perform on certificates that are used by Exchange 2007. Read this section if you are not familiar with the ExchangeCertificate cmdlets. Application-specific examples and procedures are provided later in this document, using POP3 as an example. This section also provides links to application-specific documentation.

Certificate Cmdlets

In earlier versions of Exchange Server, all certificate management was done through IIS and Certificate Manager in MMC. In Exchange 2007, you perform most certificate management tasks that relate to Exchange by using the following ExchangeCertificate cmdlets with the Exchange Management Shell:

For more information about how to create certificate requests for certification authorities, see Creating a Certificate or Certificate Request for TLS.

The following sections provide short examples to illustrate how you can use the ExchangeCertificate cmdlets to perform common certificate tasks. For more information and examples, see the ExchangeCertificate cmdlet Help under Global Cmdlets.


obtained from:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.