Q: Can I re-use the existing SSL certificate on my Exchange 2010 or 2013 servers for my new Exchange 2016 servers?
A: Yes.
There are three basic requirements of your Exchange 2016 SSL certificate:
- The certificate must contain the names (i.e. the URLs or namespaces) that clients will be connecting to over HTTPS, for example https://mail.exchangeserverpro.net/owa for Outlook on the web
- The SSL certificate must still be within its validity period (start and end dates)
- The SSL certificate must be from a certificate authority that the connecting clients (Outlook, web browsers, mobile devices, etc) trust
As long as your existing SSL certificate meets those requirements then yes, you can use it.
It is also recommended to use the same SSL certificate when you are in an Exchange Server 2013 and 2016 co-existence scenario and you are load balancing client traffic across the Exchange 2013 and 2016 servers. Both Exchange Server 2013 and 2016 are capable of up-level and down-level proxying of client connections, so this is a perfectly fine configuration. And as is always recommended, all servers in a load-balanced pool should use the same SSL certificate.
To re-use your existing SSL certificate export it from Exchange 2010 or Exchange 2013 and import it to the new Exchange 2016 servers.
i have a certificate for EXMP:- Mailserver.mydomain.net/owa on exchange server 2016. Can i use the same cert. on mynewexchange.server.mydomain.net?
If you’re using the same client access namespaces that are already present on the certificate, then yes you can re-use the certificate.