To renew a self-signed ssl certificate on an Exchange 2007 server:
Start the Exchange Management Shell, then:
Get-ExchangeCertificate -DomainName CAS01.contoso.com
Find the certificate that contains a “W” from the list of certificates For example, select IP.WS. The “W” indicates that the certificate is assigned to IIS.
Then to clone the certificate, run the following cmdlet (the thumbprint is unique):
Get-ExchangeCertificate -Thumbprint c4248cd7065c87cb942d60f7293feb7d533a4afc | New-ExchangeCertificate
The new cloned certificate will then be stamped with a new expiration date one year after the date you run the cmdlet.
And last but not least: assign the certificate to a service:
Enable-ExchangeCertificate -Thumbprint c4248cd7065c87cb942d60f7293feb7d533a4afc -Service IIS