Skip to content

Instantly share code, notes, and snippets.

Created December 23, 2017 03:03
  • Star 10 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save anthonyeden/015c568b169901a9879a1b504a089596 to your computer and use it in GitHub Desktop.
Let's Encrypt & Microsoft Exchange - Installation Script
"C:\Program Files\Lets Encrypt\letsencrypt.exe" --renew --baseuri ""
powershell -File "C:\Program Files\Lets Encrypt\ExchangeLetsEncrypt.ps1" -CertificateImport "C:\ProgramData\letsencrypt-win-simple\\" -ServerName
# A script to install a Let's Encrypt certificate in Exchange server
# Hacked together by Anthony Eden (
param (
[Parameter(Mandatory=$TRUE, HelpMessage="store the certificate locally (c:\)")]
[Parameter(Mandatory=$TRUE, HelpMessage="Exchange Server FQDN")]
if ( ((get-date) - (ls $CertificateImport).LastWriteTime).minutes -gt 10){ exit }
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010
# Find the thumbprint of this certificate
$certPrint = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
Import-ExchangeCertificate -Server $ServerName -FileName $CertificateImport
Enable-ExchangeCertificate -Thumbprint $certPrint.Thumbprint -Services POP,IMAP,IIS,SMTP -Confirm
# Add the cert to the default site in IIS
$binding = Get-WebBinding -Name "Default Web Site" -Protocol "https"
$binding.AddSslCertificate($certPrint.GetCertHashString(), "my")
# Add the cert to the Exchange Backend site in IIS
$binding = Get-WebBinding -Name "Exchange Back End" -Protocol "https"
$binding.AddSslCertificate($certPrint.GetCertHashString(), "my")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment