Once you receive your certificate issuance ZIP file, extract the file(s) contained in the ZIP file to the server. We recommend extracting these to the Desktop or a new directory all together.

Option 1:

• From the Exchange Management Shell, run the following command to install the server, root, and intermediate certificates to their respective certificate stores:
• Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\\certificates\\YOUR_CERTIFICATE.cer -Encoding byte -ReadCount 0))

Note: If you received .crt(s) instead of one .cer file, then you will want to ensure that YOUR_CERTIFICATE.cer is YOUR_ORDER_NUMBER.crt or YOUR_FQDN.crt. As a result of this format, you may need to install the Root & Intermediate certificate(s) on your server manually. See Related Articles section of this document for more details on how to do this.

• Make sure there are no spaces in your path. As a result of running this command, it should output a thumbprint. (In the event you've lost your thumbprint, you can copy it from the MMC Certificates Snap-in.)
• Then, to enable the services, run the following:

Exchange 2007:

• Enable-ExchangeCertificate -Thumbprint 1234ae0567a72fccb75b1d0198628675333d010e -Services 'POP,IMAP,SMTP,IIS'

Note: replace thumbprint 1234 with $your_Thumbprint

(This assumes that you'll be running the above services)

Exchange 2010:

• Enable-ExchangeCertificate -Thumbprint 1234ae0567a72fccb75b1d0198628675333d010e -Services POP,IMAP,SMTP,IIS

Note: replace thumbprint 1234 with $your_Thumbprint


Option 2:

• Alternatively you can run the following command to import & enable services in one line.
• Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\\certificates\\YOUR_CERTIFICATE.cer -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services 'IIS,POP,IMAP,SMTP'

Related Articles

• Root and Intermediate Certificate installation via MMC