Copy an SSL Cert to Other Exchange 2010 Servers

Intructions to Copy an SSL Certificate File to a new Exchange 2010 Server

To copy an SSL Certificate from one Exchange 2007 or Exchange 2010 server to another you will first need to export SSL certificate from Exchange 2010 then follow the instructions below to tell the new server to start using it.

After successfully exporting your SSL Certificate file to mail_yourdomain_com.pfx, you'll then have to copy your certificate file onto the additional Exchange 2010 Server(s) that you want to install the certificate onto, then run the DigiCert Utility to import it, then finally Enable all of the services you're using on each of those servers.

Importing a PFX file Into Exchange 2010 with the DigiCert SSL Certificate Management Utility

1. Open the DigiCert SSL Certificate Utility on your Microsoft Exchange 2010 Server.

2. Click Import button then find and open mail_domain_com.pfx file.
   
   

3. Type the Password used to protect the PFX file and hit the Enter key.

4. Choose a Friendly Name that this SSL Certificate will be displayed by in the Exchange Management Console and click Finish.
   You should then see a message that the certificate was successfully imported.
   
   

Install an Exported PFX file into Exchange 2010

Assign Services to an Installed Certificate in the EMC

1. Use the Start menu to open the Exchange 2010 Management Console Start > Programs > Microsoft Exchange 2010 > Exchange Management Console.
   

2. In the middle window pane click to Manage Databases. Then on the left window pane click Server Configuration.

3. Select your certificate and click the link to Assign Services to Certificate.
   
   
   

4. Select all of the services you would like enabled for your new certificate, then click Next > Assign > Finish.
   Your certificate should now be installed and enabled for Microsoft Exchange.
   

Troubleshooting

If you run into any errors with clients trying to connect to your server, first double-check to make sure you see a green checkmark next to your SSL Certificate from the DigiCert Utility. If you are receiving a green checkmark, but get an Error about 'The certificate status could not be determined because the revocation check failed', don't panic, your certificate probably wasn't revoked, you will probably just need to run the Enable-Exchange Command from Step 5 of the SSL Installation instructions, and your certificate will still show the ugly red x, but the Server will use it anyway to communicate with your clients when they connect.

Importing an SSL Certificate onto an Exchange 2010 Server Tutorial

Thus concludes the tutorial on importing a PFX file into an Exchange 2010 Server using the DigiCert Utility and the Exchange Management Console