?
Solved

Unable to login to Remote Web Workplace since changing IP address to Server because Security Certificate points to old IP

Posted on 2006-11-01
12
Medium Priority
?
379 Views
Last Modified: 2012-05-05
I recently changed the IP address to our server to resolve VPN issue. I've got everything communicating and no problems so far with the exception of remote login to Web Workplace. Users can access Remote Exchange. Users can access server with VPN now but when they (and myself) have gone to access Remote Web Workplace we get either the following message "the name on security certificate is invalid or does not match the name of the site. Issued to 192.xxx.x.x Issued by 192.xxx.x.x. or get a "page cannot be displayed". How do I go about correcting this matter? Quickly.
0
Comment
Question by:JeTopete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 17854556
Do you have one or two NICs?  If two, did you change the internal IP Address?  If so, or if you have just one NIC, then you need to run the Change Server IP Address Wizard. (If you didn't use this, just run it with your new, current IP).

You will then follow that by rerunning the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here:  http://sbsurl.com/ceicw

You can recreate the server certificate within the CEICW.

Jeff
TechSoEasy
0
 

Author Comment

by:JeTopete
ID: 17858370
Just the one NIC. I ran the Wizard but failed to run the certificate portion of it or I should say since it wasn't selected I left it as it was not realizing. Do you think that's what it is? I ran it again and initiated a new cert to be issued. I tried logging in last night and although the first window that popped up was a request to download and install a cert, I was still not able to log in. Reviewing the cert still showed the old IP address but I remember seeing something in another post that it could take several days to update. Is this true?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17858984
You "ran the Wizard"?  I mentioned TWO wizards above...

So, no, it doesn't take several days to update this.  You need to run the Change Server IP Address Wizard, then the CEICW to REISSUE the certificate.  Do not skip this part.

Jeff
TechSoEasy
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:JeTopete
ID: 17859817
Already ran both wizards when I changed the IP over the weekend. The wizard that I'm referring to is the CEICW. Originally ran it after I ran the Change Server IP address wizard, but did not create a new web server cert at that time because I was reluctant to change too many things. Did not realize that the cert had been created since all of this was already taken care of by the individual that set the server up last December. I just ran it again yesterday afternoon to reissue the cert. I hope that this takes care of the problem. Truth is I'm a bit concerned because if I issued the cert yesterday afternoon, people would be able to logon, wouldn't they?
0
 

Author Comment

by:JeTopete
ID: 17866624
I hate to sound like a total Goober but I tried logging from home again last night and had no luck. The pop up to download the cert came up again but when I looked at the details it still shows that the cert is pointing to the old IP. What am I not doing? Am I missing a step or something?
I was going over the help info on SBS 2003 and it pointed to the location that the certificate should be at. I was able to find it under D:\ClientApps\SBScerts. It shows the date of 11/1 and that is when I created it. I moved the ClientApps folder off of the C drive a couple of months ago to regain disk space. Would that have something to do with it?
Is there a way to verify what IP address the Cert contains? The CEICW shows the correct IP address when I run it. Am I suppose to push it out to the clients somehow?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17867327
The only issue with moving the clientapps folder is that it has to be moved back to install SP1 and then can be moved again to wherever you want.  But if the certificate was in the current ClientApps folder, then there's no problem with that.

Please open IIS Manager and go to Web Sites > Default Web Site.  Right Click for Properties and then go to the Directory Security Tab.  Click the View Certificate and see if that's the one you created on November 1st.  If it isn't you can replace it with the correct one using the "Server Certificate..." button on that screen.

Jeff
TechSoEasy
0
 

Author Comment

by:JeTopete
ID: 17868245
Okay thanks.
0
 

Author Comment

by:JeTopete
ID: 17868324
One more thing. When I ran the CEICW, under the create Web Server Certificate, the Web Server Name listed had our mail.companyname.com already listed when I selected Create a new Web server certificate. The old cert listed the IP address 192.168.1.1 when I looked under the details. Where does the program get the name or information? Should I have changed it to the IP address instead? Is one method preferrible over the other? If this is where the cert gets the information I'm thinking that had the guy who set this up previously listed the mail.company.com instead of the IP address nothing would have broken. Is this true?
0
 

Author Comment

by:JeTopete
ID: 17868474
Yes it is listed. I'd like to add one more comment here before closing this. I'm assuming that this has now worked but am unable to verify, I'm waiting on our Sales Manager to get back to me with the results.
As I mentioned three posts ago, the information I was looking over this morning, I read somewhere that I would have to run the CEICW again to set the certificate. I did so right after that and when I accessed the site from here in the office the new cert that was pushing out was the new one I created, it listed the mail.companyname.com. Previously, it still showed the old Cert with the old IP address on it. So I think that was the one step I was missing. Do you agree?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17868501
Your certificate needs to be created with the FQDN that you use to connect remotely.  You would never want it to be 192.168.1.1 because that's an internal IP.  It would either need to be something like mail.company.com or your EXTERNAL static IP if that's what you are using to connect.

So, yes, that was the step you were missing.

Jeff
TechSoEasy
0
 

Author Comment

by:JeTopete
ID: 17868658
OMGosh!!! LoL. Jeff, you won't believe this but THAT was the gateway IP address. The server IP was 192.168.1.10.
This has been quite a learning experience to say the least.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17868855
Well that is a good thing to learn, but it wouldn't have changed the outcome if you had used 192.168.1.10 because again that's the INTERNAL IP for the server.  192.168.x.x is a PRIVATE IP Range and is not resolvable on the Internet.  Take a look at http://sbsurl.com/net101 for info about how your network interfaces with the Internet.

Jeff
TechSoEasy
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question