Exchange 2007 uses SSL certificates extensively across the IMAP, POP, IMAP, UM and IIS services. I assumed that adding an SSL certificate to one of the Domain Controllers would propogate that certificate across all the controllers. I guess it makes sense that I was wrong, SSL certificates aren’t something you want spread or activated widely. If you do need to move or copy the certificate across servers though, it is a simple 3 step process in the Exchange shell:
1) Export the certificate from the original server:
Export-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -BinaryEncoded:$true -Path c:\certificates\export.pfx -Password:(Get-Credential).password
http://technet.microsoft.com/en-us/library/aa996305.aspx
2) Import the certificate into the new server:
Import-ExchangeCertificate -Path c:\certificates\export.pfx -Password:(Get-Credential).password
http://technet.microsoft.com/en-us/library/bb124424.aspx
3) Enable the new certificate:
Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services “POP, IMAP”
http://technet.microsoft.com/en-us/library/aa997231.aspx
Done! 🙂