our SSL certificate and Intermediate certificate will arrive by email, use the following commands to import the Intermediate certificate and the SSL ceretificate
Import the Intermediate certificate
Copy the Intermediate certificate from the email and use the following instructions
Copy the intermediate certificate from the body of the email and paste it into a simple text editor, such as Notepad
Save it as intermediate.cer on your desktop
Open MMC
Select File > Add/Remove Snap In
Select Add
Select Certificates > Add
Select Computer Account > Next
Local Computer > Finish > Close > OK
Select Certificates > Intermediate Certification Authorities > Certificates
Right-Click Certificates > All-Tasks > Import
The Import Wizard will start, follow the instructions to import the intermediate certificate and close MMC.
Import the SSL certificate
Copy the SSL certificate from the email and save this as mydomain.cer. The name and location of the file are not important.
Open the Exchange Management Shell and run the import and enable commands:
Import-ExchangeCertificate -Path C:\mydomain.cer
Enable-ExchangeCertificate -Services “SMTP, IMAP, POP, IIS”
The services can be any combination of these values: IMAP, POP, UM, IIS, SMTP
To verify that your certificate is running and enabled run the following command:
Get-ExchangeCertificate -DomainName server.domain.com
In response to the above command you you should see the certificates thumbprint, an abbreviated list of the services and mydomain.cer. If your certificate isn’t properly enabled, you can re-run the modified Enable command with the certificate thumbprint
Enable-ExchangeCertificate -Thumbprint [paste thumbprint here] -Services “SMTP,IMAP, POP, IIS”
Reboot your server and test your certificate is working by connecting with IE, ActiveSync or Outlook.
Important: Do not use the Certificate snap-in to import the certificates for any service on an Exchange server. Using the Certificate snap-in to import certificates on Exchange servers will fail. Therefore, TLS or other Exchange certificate services will not work.