assign certificate to Exchange 2013 services (IIS, SMTP, POP, IMAP)

These steps will walk you through assigning an existing third-party SSL certificate to the Exchange services such as IIS, SMTP, POP, IMAP and UM.  These steps assume you have already completed a certificate request and installed your SSL certificate on Exchange 2013.

Step 1: open Exchange Admin Center (EAC) and click servers > certificates.
select your SSL certificate, and click the edit button edit icon.

select edit cert

Step 2: click “services” and then place check marks next to the services that you would like assigned to the SSL Certificate.  SMTP, IMAP, POP and IIS are standard.  Note: If you have a Wildcard SSL certificate then leave IMAP and POP unchecked, Wildcard certificates do not work for POP/IMAP.

assign certificate

Click “yes” on this standard warning message which indicates the default self signed cert will be replaced with your new third party SSL certificate.

overwrite-default-SMTP-cert

Conclusion:  At this point your SSL cert is installed and enabled on Exchange 2013.  Congrats!  I recommend you test your certificate by connecting your server with a Browser and see if any errors come up: https://servername.domainname.com/owa

Next: you will configure the Exchange 2013 Virtual Directories.

Related

2 thoughts on “assign certificate to Exchange 2013 services (IIS, SMTP, POP, IMAP)

  1. Ferry Avianto

    Thanks,

    I already succeeded renew and now I have 2 certificates which are existing one and renewal one. similar to yours, both of mine are also still valid, however the existing one will soon expired. My question is : do I have to take over now by assigning my remaining services (SMTP, and IIS) ? Or I just let it expired and becomes invalid and system automatically take over? (Still not sure automatic or not by the way).

    Need your advise
    Thanks
    Ferry

    Reply
    1. Chris Post author

      Hello, you should assign your services to your new certificate. Once that is complete, one can generally remove the old certificate that has no services assigned.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.