Exchange 2019 – Create a CSR with PowerShell and Import Certificate
In Exchange 2019, you can generate a new CSR and then import the signed certificate from your registrar like Digicert or RapidSSL or Godaddy etc.
To generate a CSR in Exchange 2019, you can run the following command from the Exchange Management Shell (EMS):
- $cert = New-ExchangeCertificate -GenerateRequest -SubjectName “C=ZA,o=thexchangelab,cn=thexchangelabcert” -DomainName “thexchangelab.com” -PrivateKeyExportable $true
Once the command has run, you can now run the following command to export the information to a text file:
- $cert | out-file c:\Installs\certreq.txt
Now if we head over to the location that we specified in the second command we will see the generated CSR:
Once we have received our new file from our provider, we can complete the request by running the following command:
- Import-ExchangeCertificate -FileName “C:\Location\CertName.cer”
As you can see, it is now imported, the last step is to assign services to the certificate which you can achieve by running this command:
- Enable-ExchangeCertificate -Thumbprint “xxxx” -Services SMTP,IIS
You will be prompted if you want to overwrite the default certificate, you can choose yes and all will be completed.
Hope it helps.