In Exchange 2019, you can generate a new CSR and then import the signed certificate from your registrar like Digicert or RapidSSL or Godaddy etc.

To generate a CSR in Exchange 2019, you can run the following command from the Exchange Management Shell (EMS):

  • $cert = New-ExchangeCertificate -GenerateRequest -SubjectName “C=ZA,o=thexchangelab,cn=thexchangelabcert” -DomainName “thexchangelab.com” -PrivateKeyExportable $true
Exchange 2019 - create a new mailbox with powershell

Once the command has run, you can now run the following command to export the information to a text file:

  • $cert | out-file c:\Installs\certreq.txt
Exchange 2019 - create a new mailbox with powershell

Now if we head over to the location that we specified in the second command we will see the generated CSR:

Exchange 2019 - create a new mailbox with powershell

Once we have received our new file from our provider, we can complete the request by running the following command:

  • Import-ExchangeCertificate -FileName “C:\Location\CertName.cer”
Exchange 2019 - create a new mailbox with powershell

As you can see, it is now imported, the last step is to assign services to the certificate which you can achieve by running this command:

  • Enable-ExchangeCertificate -Thumbprint “xxxx” -Services SMTP,IIS
Exchange 2019 - create a new mailbox with powershell

You will be prompted if you want to overwrite the default certificate, you can choose yes and all will be completed.

Hope it helps.

Discover more from Everything-PowerShell

Subscribe now to keep reading and get access to the full archive.

Continue reading