I am trying to understand S/mime and EXO and Macs.
I know in Windows Outlook you can publish your certs and this seems to work pretty good for our Windows users, however, you cannot do this on a Mac. I have been marginally successful publishing certificates with powershell to Exchange. I have read several articles on configuring the EXO store with the SST file.
First question is, when you publish to the GAL with Windows Outlook, it publishes both the signing and encryption certificate. How do you publish both of these via powershell?
Question 2, is there a why to clear the certificates out of the GAL to start again?
Question 3, do the certs have to be published to the GAL and to the AD on-prem user account? (I am not sure how our AD Connect is configured yet).
We are using Carrilon certs, I have yet to figure out how to wire that up to AD on-prem.