?
Solved

Is SBS 2003 server's Certificate, that is used by the IIS for SSL, required for the Server's trust with the client?

Posted on 2008-06-16
4
Medium Priority
?
621 Views
Last Modified: 2008-06-30
We've recently replaced the local SBS 2003 (not R2) server's motherboard and reinstalled the server.
The current motherboard is Intel's S3210SHLC motherboard that comes bundled with Intel's management and monitoring system - "Intel System Management Software 2.0" which I'd like to install.

The problem is that, when installing this system, it throws the following error:
"Setup can not continue because either:
1. SSL is enabled on the defualt web site with a self-signed certificate. To continue disable SSL or change the certificate.
2. There is not a default web site. Please reinstall IIS."

Now, since the IIS is installed and working and there is a default web site, I guess the SSL Certificate is the issue here. Unfortunately, I don't know how to disable the SSL requirement for the defualt web site and I don't want to delete the certificate as it might be required for the every day trust / authentication between the server and the client work stations (i.e. domain controller's sercurity ).

I'd appreciate if you could advice me with this issue ASAP.
0
Comment
Question by:Tomer73
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:kieran_b
ID: 21791933
The SSL certificate is only required for OWA and RPC/HTTP - if you remove it, you can break those things.

You could uninstall the certificate (by removing it) then installing the intel software then reset the certificate (by re-running the wizard, or manually)

I am concerned that wouldn't work though, as the intel software may freak right out.

What I would be more inclined to do (assuming not using this intel software is not an option) is buy a certificate from http://www.rapidssl.com or http://www.certificatesforexchange.com - it will cost you maybe $30-$40 and seems like it would comply with the intel software.
0
 

Author Comment

by:Tomer73
ID: 21800511
First Thanks for the prompt reply!

The point is that I don't really need a 3rd party certificate for what we actually use on this SBS server. Thus I'd be happy not to mess with that only for the purpose of local system management. I'd be happy to know if the following options are possible:
1. Just disable the SSL for the default web site without having it uninstalled.
2. Backup this certificate so it could be reused at later time if required.

Finally, just to clarify things, from your answer, I understand that there should not be any authentication/trust problems between the server and the client work stations once this certificate is removed for the sake of the Intel "System Management Software". Is it right?

Thanks a lot,
Tomer.
0
 
LVL 25

Accepted Solution

by:
kieran_b earned 375 total points
ID: 21800971
Disabling SSL is not something I would recommend.  If this were within my control, I would either give up on this intel software or buy a certificate.

That said, you *could* get away with just removing the certificate from the default website - I am not sure what it would break preciseley, but it would extend past Outlook Web Access, RWW, CompanyWeb and sharepoint.  The VPN would be fine, daily communications would be fine, just (some) web functions would be affected.

Still, for the sake of <$50...
0
 

Author Comment

by:Tomer73
ID: 21820084
Hi,

I've decided to not install Intel System Management till I'll find a decent solution for the SSL certificate issue. Alternatively, I use an ultra light and simple free utility called "Core Temp" (http://www.alcpu.com/CoreTemp/) that supports Intel's S3210SH motherboard just to monitor the CPU temp.

Thanks for everything,
Tomer.
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question