Problem:
The Exchange 2010 certificate from an internal Microsoft CA is due to expire soon, how do I renew this?
Solution:
1. Open the Exchange Management console and click Renew Exchange Certificate
2. Choose a location to save the Certificate Signing Request file
3. Login to your CA and open a command prompt, run the below command to issue the request:
certreq -submit -attrib "CertificateTemplate:WebServer" C:\temp\NewCertificate.req
4. The CA will issue the certificate and prompt you to save it.
5. Go back to the Exchange Management console and click on the expired certificate. Click Complete Pending Request and select the new certificate file from the CA. The certificate will now be imported.
6. Right click on the new certificate and click Assign Services to Certificate.
7. Select all the same services as the old certificate and click Next.
8. Click Yes to All when prompted to overwrite the existing default SMTP certificate.