Exchange Server 2016

Export and Import the Certificate on Microsoft Exchange Server 2016

In the previous Exchange Server 2016 article, you have created a trusted certificate by creating a certificate request and submitting it to a CA. If you have multiple Exchange Servers 2016 in your environment, you need to export the same certificate and import it to the new Exchange Server 2016.Exchange Server 2016 consolidates all roles on the Mailbox Server, except the Edge Transport server role. In Exchange Server 2013, you need to do these steps in Exchange Server where the Client Access Server Role installed. Here, you have two Exchange Server 2016 (KTM-EX1 and KTM-EX2). KTM-EX1 has already installed trusted certificate, from KTM-EX1 you need export the certificate and import the certificate to KTM-EX2, is a new Exchange Server 2016.
Export Import Exchange 2016 Certificate

Export the Certificate from KTM-EX1
1.
In Exchange admin center, on the Certificates tab, in the Select server box, select KTM-EX1.msserverpro.com, click the msserverpro.com certificate, verify that trusted certificate is installed in KTM-EX1.msserverpro.com.

7 26 2016 10 57 25 PM
7 26 2016 10 59 01 PM

2. In Exchange admin center, on the Certificates tab, in the Select server box, select KTM-EX2.msserverpro.com, verify that trusted certificate is not installed. After installing Exchange Server 2016, the server is configured to use a Self-signed certificate for KTM-EX2.msserverpro.com.

7 26 2016 11 02 10 PM
7 26 2016 11 03 50 PM

3. In Exchange admin center, on the Certificates tab, in the Select Server box, select KTM-EX1.msserverpro.com, click the msserverpro.com certificate, click More and click Export Exchange certificate.

7 26 2016 11 05 45 PM

4. On the export Exchange certificate page, in the File to export to text box, type \\KTM-EX2\ExportCertificate\ExchangeCert.pfx. In the Password text box, type P@ssw0rd, and then click OK.

7 26 2016 11 15 08 PM

5. Verify the export exchange server certificate file.

Related Post  Configuring the Hub Transport Server as an Edge Transport Server in Exchange 2010 SP1

7 26 2016 11 16 43 PM

6. In the Exchange admin center, in the Select Server box, select KTM-EX2.msserverpro.com, click More and click Import Exchange Certificate.

7 26 2016 11 17 18 PM

7. On the import Exchange certificate page, in the File to import from text box, type \\KTM-EX2\ExportCertificate\ExchangeCert.pfx. In the Password text box, type P@ssw0rd, and then click Next.

7 26 2016 11 20 11 PM

8. In the import Exchange certificate page, In the Specify the servers you want to apply this certificate to area, click add, select KTM-EX2, click add and then click OK.

7 26 2016 11 20 43 PM
7 26 2016 11 21 15 PM

9. In the import Exchange certificate page, verify that KTM-EX2.msserverpro.com is listed in the Specify the servers you want to apply this certificate to area, click Finish.

7 26 2016 11 21 57 PM

10. Verify that the trusted certificate is installed in KTM-EX2.msserverpro.com.

7 26 2016 11 22 43 PM

Assign services to the KTM-EX2

Before your certificate become active, you need to assign specific Exchange services to SMTP and IIS.

11. In Exchange admin center, on the Certificates tab, in the Select Server box, select KTM-EX2.msserverpro.com, click the msserverpro.com certificate, click Edit.

7 26 2016 11 23 57 PM

12. In the msserverpro.com windows, click services. Select the SMTP and IIS check boxes, and click Save.

7 26 2016 11 26 07 PM

13. In the Warning windows, click Yes.

7 26 2016 11 27 08 PM
7 26 2016 11 28 02 PM

We have now successfully export and import exchange server certificate for new Exchange Server KTM-EX2 and assign Exchange services to it, such as IIS and SMTP.

 

 

Summary:

When we have multiple Exchange Server 2016 in our organization, we have to configure these steps. In Exchange Server 2013 we have to do these steps in Client Access Server. In the production environment, always use public CA certificate for Exchange Server certificate because public certificate is auto trust by all browser. I hope this article will help.

Related Post  Redirecting HTTP Request to SSL Request in Exchange Server 2007

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *