new-exchangecertificate enable for SMTP only

I have been reading the examples regarding the new-exchangecertificate cmdlet for exchange 2007 and I wish to double check a couple of items since I am using a 3rd party certificate for IIS / active sync use and the self-signed cert for all other reasons:  after executing the command you are warned you are about to overwrite the SMTP certificate - it offers yes or yes to all.  It specifies the existing certificate for the local server name.
1) My first question is can you add language to the command to specify that the certificate is for smtp/imap/pop only?  Or is that the difference between yes and yes to all?
2)  If there is no way to add that language to the certificate should I just specify YES and will that do the same?
3)  Finally if there is no way to specify what services it will be used for do I just skip the separate part of enabling the new certificate for the IIS service (which has its own certificate listed) and then remove the old locally signed cert?
sfeder11554Asked:
Who is Participating?
 
AkhaterConnect With a Mentor Commented:
By simply running new-exchangecertificate exchange will do exactly what you are trying to achieve it won't overwrite your 3rd party one for IIS don't worry.

0
 
Rick FeeConnect With a Mentor Messaging Engineer - Disaster Recovery EngineerCommented:
Yes when after you import/create the cert the enable command can be narrowed down.
Enable-ExchangeCertificate -thumbprint <certificate-thumbprint> -services "POP,IMAP"
Enable-ExchangeCertificate -thumbprint <certificate-thumbprint> -services "IIS"  
Enable-ExchangeCertificate -thumbprint <certificate-thumbprint> -services "SMTP"  
0
 
sfeder11554Author Commented:
I also found this article which seems to indicate that you can add the services string to the command:
http://technet.microsoft.com/en-us/library/aa998327(EXCHG.80).aspx
0
All Courses

From novice to tech pro — start learning today.