3 out of 9 rated this helpful - Rate this topic

Get-ExchangeCertificate

Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1

Topic Last Modified: 2007-06-28

Use the Get-ExchangeCertificate cmdlet to view certificates that are in the local certificate store.

Copy


Get-ExchangeCertificate [-Thumbprint <String>] [-DomainName <MultiValuedProperty>]

Copy


Get-ExchangeCertificate [-DomainName <MultiValuedProperty>] [-Instance <X509Certificate2>]

Detailed Description

To run the Get-ExchangeCertificate cmdlet, the account you use must be delegated the following:

Exchange View-Only Administrator role

To run the Get-ExchangeCertificate cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Parameters

Parameter	Required	Type	Description
DomainName	Optional	Microsoft.Exchange.Data.MultiValuedProperty	Use this parameter to return all certificates that contain the domain name that you specify in Subject Name field or the Subject Alternative Name field.
Instance	Optional	System.Security.Cryptography.X509Certificates.X509Certificate2	Use this parameter to pass a whole object to the command to be processed. This parameter is mainly used in scripts where a whole object must be passed to the command.
Thumbprint	Optional	System.String	Use this parameter to return the certificate with a matching thumbprint. Each certificate contains a thumbprint, which is the digest of the certificate data.

Input Types

Return Types

Errors

Error	Description

Exceptions

Exceptions	Description

Example

The first example returns all certificates stored in the local computer certificate store.

The second example returns the details, in a formatted list, about a specific certificate stored in the local computer certificate store.

Note:
The Thumbprint parameter is a positional parameter so only the Thumbprint value must be supplied.

The third example shows which certificate Exchange will pick for the Domain name, mail.contoso.com. A send or receive connector selects the certificate to use based on the FQDN of the connector. If you have multiple certificates with the same FQDN, you can see which certificate Exchange will pick by using the DomainName parameter. The first certificate returned is the certificate Exchange will pick.

Copy

Get-ExchangeCertificate
Get-ExchangeCertificate 5113ae0233a72fccb75b1d0198628675333d010e | fl
Get-ExchangeCertificate -DomainName mail1.contoso.com

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Content Add

FAQ

Problem with OWA 2007

Please everyone who can help... my OWA 2007 site stopped working. I checked all the IIS certificates and configurations; they seem fine and as they should be "all the authentications are set to basic. when I tried to check the exchange certificate using get-exchangecertificate cmdlet, I get this error message
"WARNING: An unexpected error has occurred and debug information is being
generated: The process does not possess the 'SeSecurityPrivilege' privilege
which is required for this operation.
Get-ExchangeCertificate : The process does not possess the 'SeSecurityPrivilege
' privilege which is required for this operation.
At line:1 char:23
+ get-exchangecertificate <<<<"
How can I solve this error and get the OWA site up and running

History

7/8/2010
diaaeldinkhalil

Error when performing Get-ExchangeCertificate

History

4/28/2010
Apostle4

Products

Resources

Solutions

Downloads

Evals

Tools

TechNet Support

Microsoft Support

Get-ExchangeCertificate