Installation Instructions for Microsoft Exchange 2007

Solution ID:    SO14293    Updated:    09/16/2016


This document provides instructions for installing a SSL certificate on Microsoft Exchange 2007. If you are unable to use these instructions for your server, RapidSSL recommends that you contact Microsoft.

Step 1: Obtain the SSL certificate and intermediate CA certificate

    1.    The RapidSSL certificate download link will be sent by email.

    2.    Download and extract the certificate zip file from the email.

           NOTE: Click here for steps to download the RapidSSL certificate.


Step 2: Install the SSL certificate:

To install the SSL certificate into a Microsoft Exchange 2007 server, you will need to use the Exchange Management Shell (EMS). 
    1.    Copy the SSL certificate file, for example ssl_certificate.p7b and save it to
           C:\ on your Exchange server.
    2.    Open the EMS: Click Start > Programs > Microsoft Exchange Server 2007> EMS.
    3.    Run the Import-ExchangeCertificate and Enable-ExchangeCertificate commands together
           (both commands are run on the same line, separated by a pipe character).

           Import-ExchangeCertificate -Path C:\newcert.p7b | Enable-ExchangeCertificate -Services
           "SMTP, IMAP, POP, IIS" 

           Note: The Services option can be any combination of these values: IMAP, POP, UM, IIS, SMTP.
           To disable a certificate, set the Services parameter to 'None'. For more information regarding
           the Exchange commands, refer to this Microsoft Knowledge base article.
    4.    Verify that the certificate is enabled by running the Get-ExchangeCertificate command.

           C:\> Get-ExchangeCertificate -DomainName


    5.    In the Services column, letters SIP and W stand for SMTP, IMAP, POP3 and Web (IIS).

           Note: If the certificate is not properly enabled, re-run the Enable-ExchangeCertificate
           command by pasting the thumbprint of the certificate as the -ThumbPrint argument such as:

            Enable-ExchangeCertificate -ThumbPrint [paste] -Services "SMTP, IMAP, POP, IIS"

    6.    Test the certificate by connecting to the server with Internet Explorer, ActiveSync, or Outlook.  
            You may also use the RapidSSL Installation Checker

            Note: If using ISA 2004 or ISA 2006, a reboot is recommended. It has been reported that ISA
            services won't send the intermediate certificate until after a reboot.


             For more information regarding the Exchange Management Shell, refer to Microsoft Support

Legacy ID


Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center

Search Tips