Installing your SSL: Microsoft Exchange 2007

Your SSL certificate and Intermediate certificate will arrive by email, to install your SSL certificate, you will need to do the following:

Import the Intermediate certificate

  • Step 1 of 8

    Copy the Intermediate certificate from the email and use the following instructions:

    • Copy the intermediate certificate from the body of the email and paste it into a simple text editor, such as Notepad.
    • Save it as intermediate.cer on your desktop.
    • Open MMC.
    • Select File, Add/Remove Snap In.
    • Select Add.
    • Select Certificates, Add.
    • Select Computer Account, Next.
    • Local Computer, Finish, Close, OK.
    • Select Certificates, Intermediate Certification Authorities, Certificates.
    • Right-Click Certificates, All-Tasks, Import.
  • Step 2 of 8

    The Import Wizard will start, follow the instructions to import the intermediate certificate and close MMC.

  • Step 3 of 8

    Import the SSL certificate

    Copy the SSL certificate from the email and save this as mydomain.cer. The name and location of the file are not important.

  • Step 4 of 8

    Open the Exchange Management Shell and run the import and enable commands together separated by a pipe character:

    Import-ExchangeCertificate -Path C:mydomain.cer | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"

  • Step 5 of 8

    The services can be any combination of these values: IMAP, POP, UM, IIS, SMTP.

  • Step 6 of 8

    To verify that your website security certificate is running and enabled run the following command:

    Get-ExchangeCertificate -DomainName mydomain.cer

  • Step 7 of 8

    In response to the above command you should see the certificates thumbprint, an abbreviated list of the services and mydomain.cer. If your certificate isn't properly enabled, you can re-run the modified Enable command with the certificate thumbprint:

    Enable-ExchangeCertificate -Thumbprint [paste thumbprint here] -Services "SMTP,IMAP, POP, IIS"

  • Step 8 of 8

    Reboot your server and test your certificate is working by connecting with IE, ActiveSync or Outlook.

Important: Do not use the Certificate snap-in to import the certificates for any service on an Exchange server. Using the Certificate snap-in to import certificates on Exchange servers will fail. Therefore, TLS or other Exchange certificate services will not work. For more information please visit