Remove and reinstall cert on Exchange 2010 server

Posted on 2012-03-16
Last Modified: 2013-03-29
Upon deploying my first Exch 2010 server, I made the mistake of putting the wrong type of certficate on there. I went with a single cert...while this is working for the one feature (webmail), I would like to 're do' and put the proper UCC certificate on there.

With older Exchanges, you could run the IIS 'wizard', remove the old cert and just re-run and install the new one.

Is it a more complicated process with Exch 2010? Some guidelines would be appreciated.


Question by:tnorman
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 12

Accepted Solution

DLeaver earned 500 total points
ID: 37731122
Follow these instructions to import the cert

And to assign the necessary services use this link (I recommend using EMS for this part)

Author Comment

ID: 37731139
Will this remove/handle the existing certificate?

Author Comment

ID: 37731208
I just checked the first link, and I don't think that is what I am looking for. I won't be installing a previously exported cert, rather installing a brand new one. I am concerned about the existing certificate that is already there when doing this.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 12

Expert Comment

ID: 37731318
Once the certificate is installed following the first link then go to the EMS and type


This will list all of the certificates installed and their thumbprint, including the old one no doubt

Then follow the second link to enable the exchange services you want the cert to handle

enable-exchangecertificate (thumbrint) -services (list the services that this cert will be responsible for)
LVL 12

Expert Comment

ID: 37731322
If you want to remove your old certificate then run the

Get-ExchangeCertificate cmd to list out the thumbprints and then use the Remove- command

Author Comment

ID: 37731328
Ah...that's what I was looking for.  Thanks, TN.

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question