I have a 2 node Exchange 2013 environment. I renewed the SSL certificate for imap, pop,iis and SMTP on one server, can I use the same certificate on the 2nd node or do I need to buy a new one for that node?

Thanks

Pat

Hello Pat,

We need to apply the SSL for Client Access Server only. If you have client access server and the client access methods available there on the second server, import the same certificate there too. No need to get a new certificate 

Export ssl certificate from the 1st node then import it to the 2nd node, using exchange admin center 

Check link below for details 

http://exchangeserverpro.com/exchange-2013-ssl-certificate-export-import/

Hi Pat,

Thank you for your question.

In addition above suggestion, we could refer to the following link to renew certificate:

https://technet.microsoft.com/en-us/library/ee332322%28v=exchg.141%29.aspx

Notice: this is a link which is about Exchange 2010, but it also adapt to Exchange 2013.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

Exporting it and importing it on the 2nd server should work, provided the private key was allowed for export when the certificate request was issued. 

Also note that there are vendors that license the certificates per server, so it might be worth looking into how your provider handles this.

As for the SMTP certificate, the same cannot be used on multiple mailbox servers, provided you don't attempt to install it also on an Edge server (link here is for 2007, but it still applies in 2010 and possibly in 2013 as well). Doesn't look to be your case though.

• Edited by Albert Mihai 1 hour 32 minutes ago

Get the thumbprint from installed server and run this command on 2nd server 

Enable-ExchangeCertificate -Thumbprint ( thumb print number) -Services POP,IMAP,SMTP,IIS