When will certificate expire?
Hi, I'm currently running an Exchange2007 server.I'm fairly sure it's Been over a year since the certificate has Been renewed.Just wondering howto go aBout determing when the certificate will actually expire? Thanks,
June 25th, 2008 10:24pm
Lots of ways to tell. Here are the two I'd use:
Visit the site with a browser, and click the lock and hit view certificate. You can see the certificates date range
In the powershell "Get-ExchangeCertificate |fl" will list the certificates for the local machine, and you can view details like expiration date from here.
Free Windows Admin Tool Kit Click here and download it now
June 26th, 2008 3:44am
Dear customer:
Thanks for Mikes reply. His opinion is right.
In Exchange server 2007, Self-signed certificates that are created by Exchange expire in one year. The internal components that rely on the default self-signed certificates continue to operate even if the self-signed certificate has expired. However, when the self-signed certificate has expired, events are logged in Event Viewer. It is a best practice to renew the self-signed certificates before they expire.
For more information about self-signed certificate, please refer to the following documents:
Understanding the Self-Signed Certificate in Exchange 2007
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx
You can run the following command to determine when the certificate will actually expire:
Get-exchangecertificate | fl thunmbprint,notafter
Also, you can try the following method:
1. Open IIS manager, right click the web site that you want to view, select properties,
2. Click directory security, click view certificate, click general, you can check words such as valid from to .
Hope it helps. If anything is unclear, please feel free to let me know.
Rock Wang - MSFT
June 26th, 2008 9:21am
Thanks!
For some reason I get the following error message when attempting to renew one of the certificates:
The term 'Get-ExchangeCertificate' is not recognized as a cmdlet, function, operable program, or script file. Verify the term and try again. At line:1 char:25 + Get-ExchangeCertificate <<<< -Thumbprint 3031FCD7012D05B583B459C1B0D3F7C0BBBF7DD3 | New-ExchangeCertificate
This is the command I'm using (from msdn documentation)
Get-ExchangeCertificate Thumbprint 3031FCD7012D05B583B459C1B0D3F7C0BBBF7DD3 | New-ExchangeCertificate
Any suggestions?
Free Windows Admin Tool Kit Click here and download it now
June 30th, 2008 10:02pm
I hope you are running this in Exchange Management Shell,not in Windows PowerSehll.
July 1st, 2008 3:01am
Dear customer:
Thanks for Amits reply.
Please double checks whether you run thefollowing command in Exchange Management Shell not in Windows PowerShell.
Additionally, please send the screenshot of the error when you run Get-ExchangeCertificate Thumbprint 3031FCD7012D05B583B459C1B0D3F7C0BBBF7DD3 | New-ExchangeCertificate cmd-let to v-rocwan@microsoft.com for analyze.
When sending e-mail to me, please add the subject of the post that you have posted in the forum.
Thanks for your time and cooperation.
Rock Wang - MSFT
Free Windows Admin Tool Kit Click here and download it now
July 2nd, 2008 1:05pm
I am running this command in the Exchange Management Shell.
I will post a screenshot later on in the evening.
Thanks,
July 2nd, 2008 7:54pm