Exchange 2019 – Create a CSR with PowerShell and Import Certificate

In Exchange 2019, you can generate a new CSR and then import the signed certificate from your registrar like Digicert or RapidSSL or Godaddy etc.

To generate a CSR in Exchange 2019, you can run the following command from the Exchange Management Shell (EMS):

  • $cert = New-ExchangeCertificate -GenerateRequest -SubjectName “C=ZA,o=thexchangelab,cn=thexchangelabcert” -DomainName “” -PrivateKeyExportable $true

Once the command has run, you can now run the following command to export the information to a text file:

  • $cert | out-file c:\Installs\certreq.txt

Now if we head over to the location that we specified in the second command we will see the generated CSR:

Once we have received our new file from our provider, we can complete the request by running the following command:

  • Import-ExchangeCertificate -FileName “C:\Location\CertName.cer”

As you can see, it is now imported, the last step is to assign services to the certificate which you can achieve by running this command:

  • Enable-ExchangeCertificate -Thumbprint “xxxx” -Services SMTP,IIS

You will be prompted if you want to overwrite the default certificate, you can choose yes and all will be completed.

Hope it helps.


You may also like...

Leave a Reply