I had to do this today, so I thought I would blog it so I can remember how to do it next year. 🙂
Instructions are after the jump.
1) Get the current cert information:
Get-ExchangeCertificate -domain “domain name” | fl
2) Create and install the new cert:
Get-ExchangeCertificate -thumbprint “Long HEX thumbprint of cert 1” | New-ExchangeCertificate
If you using the cert on SMTP you have to answer yes to the question that pops up.
3) Get the new certs information:
Get-ExchangeCertificate -thumbprint “Long HEX thumbprint of new cert” | fl
4) To enable the certificate for IIS:
Enable-ExchangeCertificate -thumbprint “Long HEX thumbprint of new cert” -services IIS
5) Once it’s working, remove the old cert
Remove-ExchangeCertificate -thumbprint “Long HEX thumbprint of cert 1”
Pretty easy I’d say.