SSL certificates – Add a 3rd party SSL certificate to Exchange 2007

Installing certificates requires an initial procurement from the 3rd party site, passing your CSR and downloading the SSL and the intermediate certificates

See how to add an intermediate certificate



You are required to install an SSL Certificate into an exchange server after submitting the CSR and generating the certificate.



From the Start menu, select Microsoft Exchange Server 2007, and then right click Exchange Management Shell and run as administrator.
At the prompt, type the following to import the certificate:

Import-ExchangeCertificate -Path C:\CertificateFile.crt

Replace CertificateFile.crt with the complete path and file name of your certificate.

If the output of this command doesn’t copy the thumbprint of the certificate, then you must copy it manually for use in the next step.
To find the thumbprint simply send all the certificates to a file and look for the one with date codes that match your new certificate

Get-ExchangeCertificate | FL >c:\somefile.txt

Type the following to enable the certificate:

Enable-ExchangeCertificate -Thumbprint paste_thumbprint_here -Services "SMTP, IMAP, IIS"

Paste the thumbprint in place of paste_thumbprint_here. Specify the services this certificate covers, using quotes. Valid service identifiers are SMTP, POP, IMAP, UM, and IIS. Do not enable services that are not in use.

Close the Exchange Management Shell window.

Tested Platforms

Windows Server 2012 R2
Windows Server 2008 R2
Windows Server 2003 R2

Microsoft Exchange Server 2007

Certs from Godaddy
Certs from StartSSL