A couple of issues after Migrating to Exchange 2019

Copper Contributor

I migrated a server from Exchange 2010 to Exchange 2019 this weekend. I currently have two issues I need assistance with.

  1. This is the first Exchange 2019 server that I have worked on and with the SSL importing process being vastly different then previous versions I need a guide or guidance to make sure I am doing it properly. I have tried several sources, including several from Microsoft.

    Every guide I have found only explains half of the process. Previously part of the process involved importing the p7b into the certificates store and then the crt into Exchange. Every guide I have found only explains the crt part. Is the first part the same? Can some one provide me a link with the entire process including importing both parts of the SSL or fully explain it.

    If it matters I purchased my SSL from GoDaddy last year, it is good until next year. I talked to their support and all they could provide is one of the links from Microsoft I had already read and found it to not be a help.
  2. One of my email accounts/boxes seems to not have transferred from Exchange 2016 to 2019 fully or correctly. Although it transferred from 2010 to 2016 just fine. The migration process said it completed successfully for all mailboxes including this one both in EAC as well as in EMS when running get-moverequest. Yet without the 2016 server running this msilbox will not connect to Exchange. I tried removing it from Outlook 2019 and adding back but now it will not add to Outlook. I am however able to connect to this account through OWA and it is receiving mail, without the 2016 server running. All other accounts work just fine.

Can anyone assist me with either or both of these issues?

3 Replies

Hi @tesla1886 

I understand you have a working certificate on one Server (probably the public certificate) and want it to transfer to another Server.


On the working Server export the Certificate (from the Local Computer Certificate Store) to a PFX File with a Password including the private Key



Copy the PFX File to the new Server open Local Computer Certificate Store (certlm.msc) and import the PFX. 

Make sure you have the Root Certificate and Intermediate Certificates from your certificate in the appropriate stores.
Then use Get-ExchangeCertificate and Enable-ExchangeCertificate to enable them in Exchange.





@Andres Bohren
I didn't intend to transfer the certificate from the old server to the new one. I intended to rekey and replace it. I just don't know what the full process is and can't not find anything to tell me.

Hi @tesla1886 

If you have a new Certificate with the current Private Key
Import Certificate into Certificate Store 

certutil –repairstore my <serial number>

If you have a new private Key then you made a new CSR?
You should see a pending Request in "Certificate Enrollment Request" of your Cert Store

#Install the certificate with certutil
certreq -accept -machine C:\Install\test.cer