I purchased a multi-year certificate (from Godaddy) for my exchange 2016 in 2020. They sent me the first (1 year) cert, which will expire soon, in response to my original request generated in the ECP. I understand that certs cannot extend beyond 1 year now.
Now, GoDaddy sent me a new cert to replace the old one ( I did not have to request it). However, there is no open request. How do I install the new cert without an open request in the ECP?
I tried clicking RENEW and providing this new cert as the response, but ECP complains that a certificate with that thumbprint already exists.
How do I proceed? (GoDaddy is no help - they tell me to contact Microsoft). Shouldn't I have to send the CA (GoDaddy) a new request before they can send me a cert? Or is there some other way to install the updated certificate?
If updated certificate has same public key (I bet it is the case), then install that public certificate in LocaL Machine\Personal, then run the following command in elevated command prompt:
where
ab cd efis the serial number of renewed certificate. Replace this string with actual serial number. The command will bind/associate this certificate with existing private key. Then you can go Exchange management shell and change the certificate.