Renewing SBS2011 Exchange Self-Signed Certificate w/o changing home page in IE?

Solution 1:

In the exchange management shell run Get-ExchangeCertificate to get the thumbprint on the cert you're trying to renew then run the following:

Get-ExchangeCertificate <thumbprint> | New-ExchangeCertificate | Enable-ExchangeCertificate -services pop,imap,smtp,iis

Solution 2:

If using SBS2011 then

1. Start the Windows SBS2011 Standard Console
2. Click on the Network icon in the top bar, then click the Connectivity tab
3. Wait for the panel in the right to become active and then click on 'Fix My Network'
4. Let the wizard search for problems.
5. One of the problems it should find is the expired certificate.
6. Clear all the checkboxes except the certificate one and click Next

This will then re-issue a new self signed certificate on the server.

Solution 3:

I did this in SBS2011:

1. Open Exchange Management Console > navigate to Server Configuration and review the Certificates in the right panel

2. Identify the certificate that has expired (take note of the subject name and the services)

3. Start ExMngmtnShell as Administrator

4. type Get-ExchangeCertificate to list the installed certificates

5. Match the certificate to the expired certificate (using subject the name and services) from the Console then copy the associated thumbprint

6. Type Get-ExchangeCertificate –Thumbprint INSERTTHUMBPRINTHERE | New-ExchangeCertificate

7. Type Y to renew the certificate

8. You can confirm the new certificate is installed and associated with the correct services either by running Step 4 or Step 1/2.

9. Remove the old expired certificate either from the Console or from the Shell using Remove-ExchangeCertificate -Thumbprint INSERTTHUMBPRINTHERE

Note: I had to restart the server for the certificate to take effect.