Note: This article was originally published in 2008. Some steps, commands, or software versions may have changed. Check the current General documentation for the latest information.
In this step-by-step guide, you’ll learn work with exchange and certificates.
”
There are several ways to obtain a certificate that is installed and operational on Exchange 2007. Your choice of method depends on your needs. Exchange 2007 generates a set of self-signed certificates to enable the default configuration to be secured. This should be renewed over time to help ensure security of the system. Exchange does not automatically generate requests for signing by certificate authorities. Whether you want to create a new self-signed certificate or a certificate request for a certification authority, both methods use the same cmdlet.
This section provides an overview of the operations that you can perform on certificates that are used by Exchange 2007. Read this section if you are not familiar with the ExchangeCertificate cmdlets. Application-specific examples and procedures are provided later in this document, using POP3 as an example. This section also provides links to application-specific documentation.
Certificate Cmdlets
In earlier versions of Exchange Server, all certificate management was done through IIS and Certificate Manager in MMC. In Exchange 2007, you perform most certificate management tasks that relate to Exchange by using the following ExchangeCertificate cmdlets with the Exchange Management Shell:
-
(http://technet.microsoft.com/en-us/library/aa998327\(EXCHG.80\).aspx) This cmdlet generates self-signed certificates and certificate requests for certification authorities.
-
(http://technet.microsoft.com/en-us/library/bb124424\(EXCHG.80\).aspx) This cmdlet imports certificates that have been previously exported and imports certificate files generated by CAs.
-
(http://technet.microsoft.com/en-us/library/aa996305\(EXCHG.80\).aspx) The cmdlet exports certificates for backup or for use on multiple servers.
-
(http://technet.microsoft.com/en-us/library/aa997231\(EXCHG.80\).aspx) This cmdlet enables specific services on a certificate.
-
(http://technet.microsoft.com/en-us/library/bb124950\(EXCHG.80\).aspx) This cmdlet displays the attributes of a certificate.
-
(http://technet.microsoft.com/en-us/library/aa997569\(EXCHG.80\).aspx) This cmdlet removes certificates from Exchange Server and the local certificate store.
For more information about how to create certificate requests for certification authorities, see (http://technet.microsoft.com/en-us/library/aa998840\(EXCHG.80\).aspx).
The following sections provide short examples to illustrate how you can use the ExchangeCertificate cmdlets to perform common certificate tasks. For more information and examples, see the ExchangeCertificate cmdlet Help under (http://technet.microsoft.com/en-us/library/aa996420\(EXCHG.80\).aspx).
”
obtained from: http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
Summary
You’ve successfully learned work with exchange and certificates. If you run into any issues, double-check the prerequisites and ensure your General environment is properly configured.