Exchange self signed certificates
Exchange self signed certificates are used to secure communications between exchange servers inside and outside your org, for example the communication between a Edge and a Hub server, this certificates expire after 12 months and there’s no workaround for this except to screen your event log to a event id like “an internal transport certificate expired” or “is going to expire within x days or hours”. This certificates are created upon the server installation. The process of renewal is quite simple just have to follow this:
- Just get the thumbprint of the cert that is going to expire:
- Get-ExchangeCertificate -DomainName CAS_SERVER.wathever.com
- then clone it
- Get-ExchangeCertificate -Thumbprint c4248cd7065c87cb942d60f7293feb7d533a4afc | New-ExchangeCertificate
And that’s it ! Good as new for more 12m
More info on this subject: