Solved

Is SBS 2003 server's Certificate, that is used by the IIS for SSL, required for the Server's trust with the client?

Posted on 2008-06-16
4
614 Views
Last Modified: 2008-06-30
We've recently replaced the local SBS 2003 (not R2) server's motherboard and reinstalled the server.
The current motherboard is Intel's S3210SHLC motherboard that comes bundled with Intel's management and monitoring system - "Intel System Management Software 2.0" which I'd like to install.

The problem is that, when installing this system, it throws the following error:
"Setup can not continue because either:
1. SSL is enabled on the defualt web site with a self-signed certificate. To continue disable SSL or change the certificate.
2. There is not a default web site. Please reinstall IIS."

Now, since the IIS is installed and working and there is a default web site, I guess the SSL Certificate is the issue here. Unfortunately, I don't know how to disable the SSL requirement for the defualt web site and I don't want to delete the certificate as it might be required for the every day trust / authentication between the server and the client work stations (i.e. domain controller's sercurity ).

I'd appreciate if you could advice me with this issue ASAP.
0
Comment
Question by:Tomer73
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:kieran_b
ID: 21791933
The SSL certificate is only required for OWA and RPC/HTTP - if you remove it, you can break those things.

You could uninstall the certificate (by removing it) then installing the intel software then reset the certificate (by re-running the wizard, or manually)

I am concerned that wouldn't work though, as the intel software may freak right out.

What I would be more inclined to do (assuming not using this intel software is not an option) is buy a certificate from http://www.rapidssl.com or http://www.certificatesforexchange.com - it will cost you maybe $30-$40 and seems like it would comply with the intel software.
0
 

Author Comment

by:Tomer73
ID: 21800511
First Thanks for the prompt reply!

The point is that I don't really need a 3rd party certificate for what we actually use on this SBS server. Thus I'd be happy not to mess with that only for the purpose of local system management. I'd be happy to know if the following options are possible:
1. Just disable the SSL for the default web site without having it uninstalled.
2. Backup this certificate so it could be reused at later time if required.

Finally, just to clarify things, from your answer, I understand that there should not be any authentication/trust problems between the server and the client work stations once this certificate is removed for the sake of the Intel "System Management Software". Is it right?

Thanks a lot,
Tomer.
0
 
LVL 25

Accepted Solution

by:
kieran_b earned 125 total points
ID: 21800971
Disabling SSL is not something I would recommend.  If this were within my control, I would either give up on this intel software or buy a certificate.

That said, you *could* get away with just removing the certificate from the default website - I am not sure what it would break preciseley, but it would extend past Outlook Web Access, RWW, CompanyWeb and sharepoint.  The VPN would be fine, daily communications would be fine, just (some) web functions would be affected.

Still, for the sake of <$50...
0
 

Author Comment

by:Tomer73
ID: 21820084
Hi,

I've decided to not install Intel System Management till I'll find a decent solution for the SSL certificate issue. Alternatively, I use an ultra light and simple free utility called "Core Temp" (http://www.alcpu.com/CoreTemp/) that supports Intel's S3210SH motherboard just to monitor the CPU temp.

Thanks for everything,
Tomer.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question