Edge Synchronization Creating and Renewing Certificates

Once a year you will need to create new edge certificates and re-establish the synchronization. Here are the steps (all commands are run in EWS):

  • View the status of the current certificates: Get-ExchangeCertificate | Format-List
  • Create a new certificate (this step needs to be done on both the hub transport and the edge server): New-ExchangeCertificate (select Yes to overwrite)
  • Move the IIS role to the new certificate: Enable-ExchangeCertificate -Thumbprint (put thumbprint of new cert here) -Services IIS
  • Remove the old certificate in IIS (select the old cert and hit delete) or in EWS using: Remove-ExchangeCertificate -Thumbprint (old cert thumbprint key here)
  • On the Edge server type: New-EdgeSubscription (type the file path/name when prompted, e.g. c:\newedge.xml)
  • Copy the XML file you created to the Hub Transport server (flash drive or network drive)
  • Open the Exchange Management Console on the Hub Transport server. Go to Organization Configuration -> Hub Transport. Select New Edge Subscription and select the XML file (leave all settings on the config page at their defaults and hit New)
  • Open EWS back up on the Hub Transport server and type: Start-EdgeSynchronization
  • Now test your edge sync by typing: Test-EdgeSynchronization (everything should be synchronized)
  • Send your test emails to verify connectivity and you are finished.
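
A pre-removal check for the certificate steps above, as an added example that is not part of the original post: it marks an old certificate for removal only once a currently valid replacement carries the IIS service. The function name Get-CertRemovalPlan, the 30-day window and the sample objects with placeholder thumbprints are assumptions made for illustration; on the server the function reads the output of Get-ExchangeCertificate.

```powershell
# Added example: decide which certificate is safe to remove after a renewal.
# Only Thumbprint, NotBefore, NotAfter and Services are read from each object.
function Get-CertRemovalPlan {
    param(
        [object[]]$Certificates,
        [datetime]$Now = (Get-Date),
        [int]$WarnDays = 30          # assumed renewal window, adjust as needed
    )
    # The newest certificate that is valid right now is treated as the replacement.
    $new = $Certificates |
        Where-Object { $_.NotBefore -le $Now -and $_.NotAfter -gt $Now } |
        Sort-Object NotBefore -Descending |
        Select-Object -First 1
    $newHasIis = $new -and ("$($new.Services)" -match 'IIS')

    foreach ($c in $Certificates) {
        $daysLeft = [int][math]::Floor(($c.NotAfter - $Now).TotalDays)
        if ($new -and $c.Thumbprint -eq $new.Thumbprint) {
            # Nothing is removed until the replacement carries IIS.
            if ($newHasIis) { $action = 'Keep (new, IIS bound)' }
            else { $action = 'Keep (new, run Enable-ExchangeCertificate first)' }
        }
        elseif ($daysLeft -lt $WarnDays -and $newHasIis) { $action = 'Remove' }
        elseif ($daysLeft -lt $WarnDays) { $action = 'Expiring, hold until new cert has IIS' }
        else { $action = 'Keep' }

        $c | Select-Object Thumbprint, NotAfter, Services,
            @{ Name = 'DaysLeft'; Expression = { $daysLeft } },
            @{ Name = 'Action';   Expression = { $action } }
    }
}

# Constructed sample data (placeholder thumbprints, not real certificates).
$now = Get-Date '2024-06-01'
$sample = @(
    New-Object PSObject -Property @{ Thumbprint = 'OLD-THUMBPRINT-PLACEHOLDER'
        NotBefore = $now.AddDays(-360); NotAfter = $now.AddDays(5); Services = 'SMTP' }
    New-Object PSObject -Property @{ Thumbprint = 'NEW-THUMBPRINT-PLACEHOLDER'
        NotBefore = $now.AddDays(-1); NotAfter = $now.AddDays(364); Services = 'IIS, SMTP' }
)
Get-CertRemovalPlan -Certificates $sample -Now $now | Format-Table -AutoSize

# On the server, with the Exchange cmdlets used in the steps above:
#   Get-CertRemovalPlan -Certificates (Get-ExchangeCertificate)
```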
