Trusted Certificates mysteriously appearing in Certificates MMC
Posted on 2005-05-03
First, thanks for taking time to help with this!
- Relatively new Dell 2850 Server - RAID 5
- MS Small Business Server 2003 Premium (has SQL Server Standard with it)
- IIS 6.0
- Created a Self Signed SSL Certificate using SelfSSL in Microsoft's IIS 6 Resource Kit
I started having SQL server problems that pointed to a Certificate problem. When I loaded the Certificates MMC snapin to see where the problem could be, I found 105 certificates listed under "Trusted Root Certification Authorities - Certificates" in both the Current User and Local Computer sections. They also appeared in other sub sections like "Third-Party Root Certification Authorities - Certificates". The certificates were from a number of organizations including "Deutsche Telekom", "GTE CyberTrust Root", "No Liability Accepted, Verisign, Inc.", and several other companies from around the world.
I exported then deleted all certificates. I recreated the self signed certificate and assigned it to the website that required it. Shortly after doing this, I saw that 5 or 6 Certificates had automagically appeared again. But 2 days later that's all that has shown up.
I also secured the firewall and server a little better after I did this. Can someone explain to me what is going on here and how this happened/s and what I can do to keep it from happening.