Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Let's Encrypt & Microsoft Exchange - Installation Script
"C:\Program Files\Lets Encrypt\letsencrypt.exe" --renew --baseuri "https://acme-v01.api.letsencrypt.org/"
powershell -File "C:\Program Files\Lets Encrypt\ExchangeLetsEncrypt.ps1" -CertificateImport "C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\mail.example.com-all.pfx" -ServerName exchange.example.com
# A script to install a Let's Encrypt certificate in Exchange server
# Hacked together by Anthony Eden (https://mediarealm.com.au/)
param (
[Parameter(Mandatory=$TRUE, HelpMessage="store the certificate locally (c:\)")]
[String]
$CertificateImport,
[Parameter(Mandatory=$TRUE, HelpMessage="Exchange Server FQDN")]
[String]
$ServerName
)
if ( ((get-date) - (ls $CertificateImport).LastWriteTime).minutes -gt 10){ exit }
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010
# Find the thumbprint of this certificate
$certPrint = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$certPrint.Import($CertificateImport)
Import-ExchangeCertificate -Server $ServerName -FileName $CertificateImport
Enable-ExchangeCertificate -Thumbprint $certPrint.Thumbprint -Services POP,IMAP,IIS,SMTP -Confirm
# Add the cert to the default site in IIS
$binding = Get-WebBinding -Name "Default Web Site" -Protocol "https"
$binding.AddSslCertificate($certPrint.GetCertHashString(), "my")
# Add the cert to the Exchange Backend site in IIS
$binding = Get-WebBinding -Name "Exchange Back End" -Protocol "https"
$binding.AddSslCertificate($certPrint.GetCertHashString(), "my")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.