Exchange 2007 uses SSL certificates extensively across the IMAP, POP, IMAP, UM and IIS services. I assumed that adding an SSL certificate to one of the Domain Controllers would propogate that certificate across all the controllers. I guess it makes sense that I was wrong, SSL certificates aren’t something you want spread or activated widely. If you do need to move or copy the certificate across servers though, it is a simple 3 step process in the Exchange shell:

1) Export the certificate from the original server:

Export-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -BinaryEncoded:$true -Path c:\certificates\export.pfx -Password:(Get-Credential).password

http://technet.microsoft.com/en-us/library/aa996305.aspx

2) Import the certificate into the new server:

Import-ExchangeCertificate -Path c:\certificates\export.pfx -Password:(Get-Credential).password

http://technet.microsoft.com/en-us/library/bb124424.aspx

3) Enable the new certificate:

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services “POP, IMAP”

 http://technet.microsoft.com/en-us/library/aa997231.aspx

Done! 🙂