This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 7.000000000000001%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
I have 2 exchange hybrid servers. Mailboxes are in Exchange Online. I received a message that an SSL certificate was expiring on 11/19/2024. The SSL certificate does not have any assigned services. Another SSL certificate with the same name will expire in May 2025. There are no assigned services. I don't think either cert are/will be used. I ran the "Get-ExchangeCertificate" command to make sure there were no assigned services. I want to remove/disable the certs (at least the one expiring on 11/19/2024) since there are no services assign. Is there a command to just disable the cert instead of removing? what else do I need to check before disabling/removing? Thanks for your help.
As you had mentioned, you want to disable the certificate, but there is no built-in command in Exchange to disable. You can remove the certificate as it’s not in use.
Use this PowerShell command to do so-
Remove-ExchangeCertificate -Thumbprint <thumbprint-of-expiring-cert>
Double-check that you are removing the correct certificate by its thumbprint before running the command.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 26%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
Hi, @mara2021
Thank you for posting your question in the Microsoft Q&A forum.
According to your description, you want to disable the SSL certificate instead of deleting it. I agree with @Amit Singh on this issue, you can refer to Remove-ExchangeCertificate (ExchangePowerShell) | Microsoft Learn for more information
If you have any questions, you can always contact us. If the answer is helpful, please click "Accept Answer" because it can help other Microsoft Q&A community members who have encountered similar problems and are looking for solutions. Thank you.
Best,
Jeanne
Thank you.