Certificate in Exchange 2010

We have setup two exchange EX01 & EX02 running in DAG, using the named exdag. There are two certificates on our Exchange

exdag.abc.com.hk  (issued by exdag)
mail.abc.com.hk  (Issued by VeriSign)


The exdag is going to be expired. Any idea how to regenerate it ? Is it created by default when creating the DAG group in exchange ?

Tks
AXISHKAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Satya PathakConnect With a Mentor Lead Technical ConsultantCommented:
try  below KB this will help you to understand how to renew the certificate on Exchange 2010 .

http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html
0
 
MAS EE MVETechnical Department HeadCommented:
Here is the article from Technet to renew
http://technet.microsoft.com/en-us/library/ee332322(v=exchg.141).aspx

You can use this for easy CSR command generation
http://gallery.technet.microsoft.com/Exchange-20072010-and-2013-17a0b52f
0
 
AXISHKAuthor Commented:
Tks. The link show how to generate the CSR. However, I have review the server and it is issued by EXDAG. It mean that it is generated through some way...

Tks
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
SreRajConnect With a Mentor Commented:
Hi,

If this is a self-signed certificate, you could re-issue it by using the PowerShell cmdlet New-ExchangeCertificate

Complete command would be

Get- ExchangeCertificate -Thumbprint 'AD19B141228C7CF98B5F78DCED978B7C45E15434' | New-ExchangeCertificate

Here, thumbprint is that of the certificate which is going to expire. This will only work for self-signed certificate.

When you list details of the certificates with the following command, there is an attribute 'IsSelfSigned', if this is set as True, then the certificate is self-signed.

 Get- ExchangeCertificate | FL
0
 
MAS EE MVEConnect With a Mentor Technical Department HeadCommented:
Here is the command as in the article I posted
Get- ExchangeCertificate -Thumbprint 'AD19B141228C7CF98B5F78DCED978B7C45E15434' | New-ExchangeCertificate

Open in new window


This command will show you the thumbprint of the self signed certificate
Get-ExchangeCertificate | fl Thumbprint,IsSelfSigned

Open in new window

0
 
AXISHKAuthor Commented:
Get- ExchangeCertificate -Thumbprint 'AD19B141228C7CF98B5F78DCED978B7C45E15434' | New-ExchangeCertificate

Does this keep everything the same, but extending the expiry period ? Do I need to rebind it afterwards ?

Tks
0
 
SreRajCommented:
Yes, New-ExchangeCertificate overwrites existing certificate. So everything remains same, no further configuration required.
0
All Courses

From novice to tech pro — start learning today.