Solved

Is SBS 2003 server's Certificate, that is used by the IIS for SSL, required for the Server's trust with the client?

Posted on 2008-06-16
4
613 Views
Last Modified: 2008-06-30
We've recently replaced the local SBS 2003 (not R2) server's motherboard and reinstalled the server.
The current motherboard is Intel's S3210SHLC motherboard that comes bundled with Intel's management and monitoring system - "Intel System Management Software 2.0" which I'd like to install.

The problem is that, when installing this system, it throws the following error:
"Setup can not continue because either:
1. SSL is enabled on the defualt web site with a self-signed certificate. To continue disable SSL or change the certificate.
2. There is not a default web site. Please reinstall IIS."

Now, since the IIS is installed and working and there is a default web site, I guess the SSL Certificate is the issue here. Unfortunately, I don't know how to disable the SSL requirement for the defualt web site and I don't want to delete the certificate as it might be required for the every day trust / authentication between the server and the client work stations (i.e. domain controller's sercurity ).

I'd appreciate if you could advice me with this issue ASAP.
0
Comment
Question by:Tomer73
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:kieran_b
ID: 21791933
The SSL certificate is only required for OWA and RPC/HTTP - if you remove it, you can break those things.

You could uninstall the certificate (by removing it) then installing the intel software then reset the certificate (by re-running the wizard, or manually)

I am concerned that wouldn't work though, as the intel software may freak right out.

What I would be more inclined to do (assuming not using this intel software is not an option) is buy a certificate from http://www.rapidssl.com or http://www.certificatesforexchange.com - it will cost you maybe $30-$40 and seems like it would comply with the intel software.
0
 

Author Comment

by:Tomer73
ID: 21800511
First Thanks for the prompt reply!

The point is that I don't really need a 3rd party certificate for what we actually use on this SBS server. Thus I'd be happy not to mess with that only for the purpose of local system management. I'd be happy to know if the following options are possible:
1. Just disable the SSL for the default web site without having it uninstalled.
2. Backup this certificate so it could be reused at later time if required.

Finally, just to clarify things, from your answer, I understand that there should not be any authentication/trust problems between the server and the client work stations once this certificate is removed for the sake of the Intel "System Management Software". Is it right?

Thanks a lot,
Tomer.
0
 
LVL 25

Accepted Solution

by:
kieran_b earned 125 total points
ID: 21800971
Disabling SSL is not something I would recommend.  If this were within my control, I would either give up on this intel software or buy a certificate.

That said, you *could* get away with just removing the certificate from the default website - I am not sure what it would break preciseley, but it would extend past Outlook Web Access, RWW, CompanyWeb and sharepoint.  The VPN would be fine, daily communications would be fine, just (some) web functions would be affected.

Still, for the sake of <$50...
0
 

Author Comment

by:Tomer73
ID: 21820084
Hi,

I've decided to not install Intel System Management till I'll find a decent solution for the SSL certificate issue. Alternatively, I use an ultra light and simple free utility called "Core Temp" (http://www.alcpu.com/CoreTemp/) that supports Intel's S3210SH motherboard just to monitor the CPU temp.

Thanks for everything,
Tomer.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This video discusses moving either the default database or any database to a new volume.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question