HostSEO Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog


Installing an SSL certificate in Exchange 2013 Shell

Previously, we created the CSR in Exchange Management Shell and used it to activate the certificate. After the certificate is issued, you can download the files in your Namecheap account.

The file used for Windows is .p7b. Exchange requires the .cer file, and you can simply rename your .p7b file to .cer as far as they belong to the same certificate format.

The files should be saved on your computer for installation.

To install the certificate, open Exchange Shell and type the following command:

Import-ExchangeCertificate –FileData ([byte []]$(Get-Content –Path “path_to_certificate.cer” –Encoding Byte –ReadCount 0))
If everything is entered correctly, the system will display the Thumbprint of the certificate and its details (common name, organizational unit, etc.).

In our example, the certificate file was saved on the disc C://, folder “certs”.


In the next step, it is necessary to assign the certificate to the Exchange services. The command is as follows:

Get-ExchangeCertificate –ThumbPrint | Enable-ExchangeCertificate –Services IIS,SMTP,IMAP,POP

The thumbprint used here is the sequence of digits displayed by the system in the previous step. You can also find the thumbprint by decoding your certificate, which can be done in one of two ways:

  1. Use the .crt file from the zip folder you have downloaded from your account. Go to this decoder, paste the content of the .crt file in and look for the “SHA1 Fingerprint” field. Note: you would need to delete the colons (:) from the fingerprint before using it in your Shell.
  2. Use the .p7b file from the zip folder. The decoder will show a message that the certificate is in PKCS#7 format and display the PEM certificate on the page. You will need to copy and decode the PEM certificate with the -----BEGIN CERTIFICATE----- header and use the digits from the “SHA1 Fingerprint” field.


After you type the command and click Enter, the system will ask if the current installed certificate should be overwritten. This happens if it is the first trusted certificate which will overwrite the default self-signed certificate, or if you have reissued/renewed your certificate. Confirm that the certificate should be overwritten.

The certificate is now installed on the server and assigned to the necessary services. To confirm that it has installed correctly, connect to your server in the browser using the URL of your domain and check the certificate details.

Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar

SatSunMonTueWedThuFri
 123456
78910111213
14151617181920
21222324252627
28293031 

Born in 2004 ... Trusted By Clients n' Experts

SEO Stars

They never made me feel silly for asking questions. Help me understand how to attract more people and improve my search engine ranking.

Read More

Emily Schneller Manager at Sabre Inc
SEO Stars

Took advantage of Hostseo's superb tech support and I must say, it is a very perfect one. It is very fast, servers reliability is incredible.

Read More

Leena Mäkinen Creative producer
SEO Stars

We're operating a worldwide network of servers with high quality standards requirements, we’ve choose hostseo to be our perfect partner.

Read More

Ziff Davis CEO at Mashable
SEO Stars

It’s very comfortable to know I can rely about all technical issues on Hostseo and mostly that my website and emails are safe and secured here.

Read More

Isaac H. Entrepreneur
SEO Stars

With hostseo as a hosting partner we are more flexible and save money due to the better packages with great pricing, free SEO n' free SSL too!

Read More

Madeline E. Internet Professional