These steps will walk you through assigning an existing third-party SSL certificate to the Exchange services such as IIS, SMTP, POP, IMAP and UM. These steps assume you have already completed a certificate request and installed your SSL certificate on Exchange 2013.
Step 1: open Exchange Admin Center (EAC) and click servers > certificates.
select your SSL certificate, and click the edit button 
.
Step 2: click “services” and then place check marks next to the services that you would like assigned to the SSL Certificate. SMTP, IMAP, POP and IIS are standard. Note: If you have a Wildcard SSL certificate then leave IMAP and POP unchecked, Wildcard certificates do not work for POP/IMAP.
Click “yes” on this standard warning message which indicates the default self signed cert will be replaced with your new third party SSL certificate.
Conclusion: At this point your SSL cert is installed and enabled on Exchange 2013. Congrats! I recommend you test your certificate by connecting your server with a Browser and see if any errors come up: https://servername.domainname.com/owa
Next: you will configure the Exchange 2013 Virtual Directories.
Thanks,
I already succeeded renew and now I have 2 certificates which are existing one and renewal one. similar to yours, both of mine are also still valid, however the existing one will soon expired. My question is : do I have to take over now by assigning my remaining services (SMTP, and IIS) ? Or I just let it expired and becomes invalid and system automatically take over? (Still not sure automatic or not by the way).
Need your advise
Thanks
Ferry
Hello, you should assign your services to your new certificate. Once that is complete, one can generally remove the old certificate that has no services assigned.