Expiring Exchange Cert

Posted on 2009-12-22
Last Modified: 2013-12-04
Im getting the event warning message that STARTTLS cert self signed cert will expire soon. It directs to run the New-ExchangeCertificate cmdlt. I believe this is referring to the initial self signed cert created on installation and expiring in 1 yr.
We have installed a SAN Cert which includes the listed server.  Why is this one not being used? It is not expiring soon.
Will I need to renew the self signed cert every year?
If so Can I run the Clone process to reup the cert for another year?
Get-ExchangeCertificate -Thumbprint c4242***33a4afc | New-ExchangeCertificate
Question by:Wildgen
    LVL 65

    Expert Comment

    If you have a SAN/UC certificate in place, then check it is enabled for SMTP using get-exchangecertificate.
    If it is, then simply remove the old self signed certificate completely.

    You will notice that multiple certificates can be enabled for SMTP when you view the output of get-exchangecertificate

    LVL 15

    Accepted Solution

    You can simply enable SAN certificate for SMTP service.

    Enable-ExchangeCertificate -Thumbprint of SAN -Service SMTP


    You can remove other certificate if you dont need them anymore since you already have SAN certificate.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now