19 Sep 2010

Outlook clients get a certificate error when connecting to the new Exchange 2010 server


If you are migrating from Exchange 2003 to Exchange 2010 and you import the old certificate to the new server, or use an existing single-name SSL certificate, the domain name on the certificate does not match the names on the server, so Outlook clients get a certificate error when connecting to the new Exchange 2010 server.
Microsoft does not recommend importing a certificate exported from an Exchange 2003 server into an Exchange 2010 server.

The recommended steps should be the following:

1. Generate a certificate request from Exchange 2010.
2. Submit the request to a third-party CA to generate a new certificate.
3. Import the new certificate into Exchange 2010 server.
4. Enable it for Exchange services such as IIS.

In this scenario, the certificate comes from the Exchange 2003 server, so it contains only one domain name: the external FQDN. We therefore need to follow KB940726 to change all internal URLs to the external URL. First check whether the Exchange 2010 external FQDN is the same as the name in the Exchange 2003 certificate. If it is, you can try KB940726. If not, you have to generate a new Exchange certificate request. If you change all internal URLs to the external URL, it is best to create a new DNS record for the external FQDN on the internal DNS server and point it to the Exchange 2010 CAS server.
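A read-only check for the name comparison described above, for the Exchange Management Shell. This is an added example, not part of the original post. The server name `EX2010` is a placeholder, and the script assumes one certificate enabled for IIS and one EWS and OAB virtual directory on that server.

```powershell
# Added example: lists the internal URLs that Outlook uses and reports
# whether each host name appears on the certificate bound to IIS.
# Makes no changes. 'EX2010' is a placeholder for the Exchange 2010 CAS server.
$server = 'EX2010'

# Certificate currently enabled for IIS on the CAS server.
$cert = Get-ExchangeCertificate -Server $server |
        Where-Object { $_.Services -match 'IIS' } |
        Select-Object -First 1
if (-not $cert) { throw "No certificate is enabled for IIS on $server" }

# Names on the certificate. A single-name certificate yields one entry.
# Wildcard names are compared literally, not expanded.
$names = @($cert.CertificateDomains | ForEach-Object { $_.ToString().ToLower() })

# Internal URLs that KB940726 changes and that Outlook connects to.
$settings = @{
    'Autodiscover (SCP)' = (Get-ClientAccessServer -Identity $server).AutodiscoverServiceInternalUri
    'EWS'                = (Get-WebServicesVirtualDirectory -Server $server).InternalUrl
    'OAB'                = (Get-OabVirtualDirectory -Server $server).InternalUrl
}

$report = foreach ($name in $settings.Keys) {
    $url = "$($settings[$name])"
    if (-not $url) { continue }              # URL not configured, nothing to compare
    $urlHost = ([uri]$url).Host.ToLower()    # host part only, without scheme or path
    New-Object PSObject -Property @{
        Setting       = $name
        Url           = $url
        OnCertificate = ($names -contains $urlHost)
    }
}

"Certificate $($cert.Thumbprint) covers: $($names -join ', ')"
$report | Sort-Object Setting | Format-Table Setting, Url, OnCertificate -AutoSize
```

Any row with `OnCertificate` set to `False` is a URL for which Outlook will show the certificate name mismatch.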

More info:
Create a New Exchange Certificate
http://technet.microsoft.com/en-us/library/dd351057.aspx
