Sep 21 2020 09:00 AM
Hi Exchange Community,
On my Exchange-OnPrem 2013 server, I got Alerts regarding two certificates have expired and one certificate is about to expire.
I went to Exchange Admin Center --> Servers --> Certificates:
I can see those certs plus others along with their status and expire date.
Sep 21 2020 12:09 PM
You can use the following command
Get-ExchangeCertificate
and you will see each certificate with which service is bound
https://www.alitajran.com/get-exchange-certificate-with-powershell/
Sep 21 2020 01:14 PM
@farismalaeb Thanks for sharing the knowledge.
I ran the command with different options but services shown there is blank via powerShell but it shows services in the UI.
Sep 21 2020 02:02 PM
Sep 21 2020 02:28 PM
@farismalaeb Sure
Sep 21 2020 11:52 PM
SolutionI try it in my exchange 2016 and the service shows None if the certificate is not assign with any service.
I also got some warning in my exchange regarding some expired certificate, but I ignore them as these certificate are not assign with any service or has been replaced with another new certificate.
run the following command for more infomatino and post the all result back
Get-ExchangeCertificate |where {($_.Services -notlike "none") -and ($_.Services -notlike $null)}| select thumbprint,Services,Subject
This command will show you a list of all certificate and the assigned services with them.
Sep 22 2020 08:24 AM
Sep 22 2020 11:12 AM
this seems silly thing from powershell,
If you use ISE to connect to exchange, the result for Service will be null,
try to use the Exchange Server Manamgement Shell in the server it self ( the Powershell that come with exchange) and run the command, you will see that the result are available.
Let me know the update.
Thanks
Sep 22 2020 11:21 AM
Sep 22 2020 11:38 AM
Thanks for the response.
Just to add extra details here,
I notice when i get the member Get-Member of Get-Certificate the services is not listed as a property, actually its not listed at all, and this is why you will get an empty value ($Null).
I will need to see whats going, maybe Exchange mgmt shell load more library before connect.
Sep 21 2020 11:52 PM
SolutionI try it in my exchange 2016 and the service shows None if the certificate is not assign with any service.
I also got some warning in my exchange regarding some expired certificate, but I ignore them as these certificate are not assign with any service or has been replaced with another new certificate.
run the following command for more infomatino and post the all result back
Get-ExchangeCertificate |where {($_.Services -notlike "none") -and ($_.Services -notlike $null)}| select thumbprint,Services,Subject
This command will show you a list of all certificate and the assigned services with them.