skip to Main Content

Get Exchange certificate with PowerShell

Do you need to get the Exchange certificate with PowerShell? For example, you need to cleanup the Exchange certificates. You can retrieve the information in two ways. One of them is through PowerShell. The other is with the Exchange Admin Center (EAC). In this article, you will learn the PowerShell commands that you can use to get the information you need.

Get Exchange certificate with PowerShell

Run Exchange Management Shell as administrator. Make use of the Get-ExchangeCertificate cmdlet. Let’s first get all the installed certificates on the Exchange Server.

There are two certificates installed on the Exchange Server. The first certificate is a wildcard certificate. The second certificate is only for Exchange specific. These domains are and

Refine Exchange certificate output

We like to refine the output results of the installed Exchange certificates.

In the next part we will specify the services.

Get Exchange certificates with specific service

You can specify the services that you want to assign to a certificate. The services are:

  • SMTP
  • Microsoft Exchange Unified Messaging
  • Unified Messaging Call Router
  • IMAP
  • POP
  • IIS

Get a list of certificates that are installed and assigned to the SMTP service. Change the SMTP in the command to one of the above services if you want to filter the shown certificates.

It’s easier to filter and read when you get the Exchange certificates with PowerShell. Did it help you to get the Exchange certificate with PowerShell?


To sum up, you learned how to get an Exchange certificate with PowerShell. We can use both the Exchange Admin Center and PowerShell to get the Exchange certificates information. Do you use the Exchange Admin Center or PowerShell? I hope you enjoyed this article. You may also like Always run Exchange Management Shell as administrator. Don’t forget to follow us and share this article.



ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 2 Comments

  1. Hi, If I run “Get-ExchangeCertificate | select Thumbprint, Services, NotAfter, Subject, CertificateDomains” from the exchange management shell it works fine.
    But If I were run powershell and connect to the on-premises environment (New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “http://$ExchServ/powershell” -Authentication Kerberos), run the same command, “certificate domains” shows BLANK.
    How can I get it to show the field.

    1. Hi Hil, you are connecting from another server to the on-premises Exchange Server. Unfortunately, you will not get all the certificate properties. What you can do is the following: Install Exchange Management Tools on the server that you are on. Once installed, launch EMS or PS and load the Exchange SnapIn. Run the cmdlet.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top