Unbind services from old certificate in exchange 2019

ZCT 1 Reputation point


We have installed a replacement certificate in Exchange 2019 and have assigned all of the services to the new certificate.

We just need a way to temporarily unbind the old certificate from the Exchange services so that we can test before we completely remove the existing certificate.

I cannot find a way to simply unbind those services like SMTP, etc from the old certificate. in EAC its all greyed out and I can't find CMDlet to do this in exchange management shell.

Can anyone tell me how I can just unbind IMAP, POP, SMTP from a certificate without deleting it?

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,195 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 137.9K Reputation points MVP

    You can't without removing the cert

    Some will tell you to run:

    enable-exchangecertificate -Services $null  

    but that doesnt work.

    What you can do is enable protocol logging and you should see the clients using the new cert.

    For SMTP for example:

    Enable on the connectors and check the SMTP protocol logs, it will show the certificate used



    1 person found this answer helpful.
    0 comments No comments