Export (0) Print
Expand All

Get-ExchangeCertificate

Exchange 2010
 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-11-19

Use the Get-ExchangeCertificate cmdlet to view certificates in the local certificate store.


Get-ExchangeCertificate [-Thumbprint <String>] [-DomainController <Fqdn>] [-DomainName <MultiValuedProperty>] [-Server <ServerIdParameter>]


Get-ExchangeCertificate [-DomainController <Fqdn>] [-DomainName <MultiValuedProperty>] [-Instance <X509Certificate2>] [-Server <ServerIdParameter>]

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Certificate management" entry in the Exchange and Shell Infrastructure Permissions topic.

 

Parameter Required Type Description

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that retrieves data from Active Directory. The DomainController parameter isn't supported on the Edge Transport server role. The Edge Transport server role reads only from the Active Directory Lightweight Directory Services (AD LDS) instance.

DomainName

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The DomainName parameter specifies whether to return all certificates that contain the specified domain name in the Subject Name or the Subject Alternative Name fields.

Instance

Optional

System.Security.Cryptography.X509Certificates.X509Certificate2

The Instance parameter is no longer used and will be deprecated.

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

The Server parameter specifies the server name from which you want to get the certificate.

Thumbprint

Optional

System.String

The Thumbprint parameter specifies a certificate thumbprint. Each certificate contains a thumbprint, which is the digest of the certificate data.

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

This example returns all certificates stored in the local computer certificate store.

Get-ExchangeCertificate

This example returns the properties of a specified certificate in a formatted list.

noteNote:
The Thumbprint parameter is a positional parameter so you can provide only the thumbprint value without the Thumbprint parameter name.
Get-ExchangeCertificate 0271A7F1CA9AD8A27152CCAE044F968F068B14B8 | Format-List *

This example shows which certificate Exchange will select for the domain name mail.contoso.com. A Send or Receive connector selects the certificate to use based on the fully qualified domain name (FQDN) of the connector. If you have multiple certificates with the same FQDN, you can see which certificate Exchange will select by using the DomainName parameter to specify the FQDN. The first certificate returned is the certificate Exchange will select.

Get-ExchangeCertificate -DomainName mail.contoso.com
 © 2010 Microsoft Corporation. All rights reserved.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft