Here is a PowerShell script to validate your installed server certificates for Exchange 2010 servers and the services that they have been bound to.

  • Mailbox servers you can use - Get-MailboxServer
  • Transport(HUB) servers you can use - Get-TransportServer
  • Client Access(CAS) servers you can use - Get-ClientAccessServer

The default input for the “Get-ExchangeCertificate” is the “-thumbprint” of the certificate so I had to write this little script.

1
2
3
4
5
6
$Servers = Get-MailboxServer 
ForEach($Server In $Servers) 
{ 
$cert = Get-ExchangeCertificate -Server $Server
$cert | Select @{N="Computer";E={$Server}},Services,Issuer,Thumbprint 
}

Hope this helps.

All information is provided on an AS-IS basis, with no warranties and confers no rights.