Import an Exchange Certificate

 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

You can use the Import Exchange Certificate wizard to import a certificate from a file with the extension of .pfx.

Prerequisites

The Client Access server role has been installed and you have previously exported a certificate with a private key as a file with the extension .pfx.

What Do You Want to Do?

  • Use the EMC to import a new Exchange certificate

  • Use the Shell to import a new Exchange certificate

Use the EMC to import a new Exchange certificate

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Client Access server security settings" entry in the Client Access Permissions topic.

  1. In the console tree, click Server Configuration.

  2. From the action pane, click Import Exchange Certificate to open the Import Exchange Certificate wizard.

    • This wizard helps you import a certificate with a valid private key to your Exchange server. You must enter the password of the private key for a successful import.
  3. On the Introduction page, click Browse to select the file that contains the exported certificate, and then enter the password for the certificate.

  4. On the Exchange Server Selection page, select the Exchange server that you want to import the certificate to.

  5. On the Completion page, verify that all previously selected options are correct.

  6. On the final page, follow the steps listed to complete your request. This page also displays the Shell cmdlet syntax necessary to import the certificate.

Use the Shell to import a new Exchange certificate

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Client Access server security settings" entry in the Client Access Permissions topic.

This example imports an Exchange certificate from a file named import.pfx.

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\certificates\import.pfx -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password

 © 2010 Microsoft Corporation. All rights reserved.