locked
POwerShell to request a certificate renewal RRS feed

  • Question

  • Can I just use a simple pipe in Powershell to get all the parameters right for a Cert request? - We have a cert about to expire on our outward-facing CAS 2007 server - it serves up POP, IMAP & OWA to many many people in many states. Naturally, I want the new cert to replace the old one with no glitches - I was hoping I could do something like this:

    Get-ExchangeCertificate -Thumbprint 1223456AAB08asdasdasd085ADACdfasdsdE168E6 |New-ExchangeCertificate  -GenerateRequest -Path c:\users\myprofile\desktop\certreq.req

    and simply send that request off to our third party cert authority. I was hoping it would contain all the Subject Alternate Names, have the same parameters as the original cert so we'd have no end-user issues, which could swamp our undermanned HelpDesk.

    Any suggestions? Thanks in advance

    Monday, February 14, 2011 4:39 PM

Answers

  • You can do that, but it creates a self-signed certificate. If you are using a certificate authority, then you have no choice but to create a new request, submit it to the CA and then process and enable it for the Exchange Services.

     

     

    • Proposed as answer by Jamestechman Monday, February 14, 2011 7:31 PM
    • Marked as answer by Gavin-Zhang Tuesday, February 15, 2011 9:59 AM
    Monday, February 14, 2011 7:20 PM