I've picked up maintenance of a SBS2011 server which has Exchange 2010. I have a few certificates that are about to expire (all the remote.<FQDN>.com ones.
I tired to do a Get-exchangecertificate -thumbprint < > | new-exchangecertificate to replace it in powershell and that seemed to go fine. But the new certificate showed the subject of the cert as remote.<FQDN>.com and also issued by remote.<FQDN>.com as well. It also showed as self-signed, where the existing one does not and as being issued by <domain>-LS-SBS-CA (which is a self-signed certificate).
The new cert when opened also showed as not trusted (I'm assuming because the issued by was incorrect).
What am I doing wrong when I generate this new certificate?