Exchange 2007: Certificate Renewal

My Exchange 2007 certificate is due to expire in about a month and this will be the first time I have renewed it. Can someone give me some detailed instructions on how to do it? I am trying to avoid any mistakes on my end thus eliminating any unecessary downtime. Thanks.
LVL 1
rbichonAsked:
Who is Participating?
 
BertlingConnect With a Mentor Commented:
yes run that command,

then use Get-ExchangeCertificate to check their service type status

then use Remove-ExchangeCertificate to remove the old certs

hope it all works out
0
 
ccnsCommented:
have a look here, has alot of information re exchange cetificates
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
BertlingCommented:
is this a selfc assigned or from an external CA? like verisign or thawte?
0
 
rbichonAuthor Commented:
It is an external CA from Comodo.
0
 
BertlingCommented:
just go ahead an apply for the renewed cert from Comodo. please advise what format you get the cert in or if it is just encrypted text.

then i can help you import it in to IIS without you having to worry about any downtime.
0
 
rbichonAuthor Commented:
This is the command I used when inserting the first certificate:
Import-ExchangeCertificate -Path C:\cert.crt | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"
Once I get the new certificate, do I just run the same command? After I get it installed, should I remove the first certificate? Is there anything special that I need to do to make sure the new certificate is being used?
0
 
rbichonAuthor Commented:
I got the request in for a new cert. Once it comes in I will post back. Thanks for your help.
0
 
rbichonAuthor Commented:
Using the Get-ExchangeCertificate command turned out to be an absolutely crucial step. After installing the cert I ran that command and found that the cert was not being used for SMTP or IIS. I used Enable-ExchangeCertificate to enable both of those services on the new cert before removing the other certs. If I hadn't done that first, several Exchange services would have been affected and I would have had no idea why. Thanks!
0
 
BertlingCommented:
no probs! thanks for the feedback
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.