Solved

SBS 2003 R2 RWW OWA SSL Certificate Problem

Posted on 2008-10-24
5
1,351 Views
Last Modified: 2012-05-05
If I install legitimate certificates from Comodo or Equifax or even a self-signed certificate using the Configure Email and Internet Connection Wizard ( CEICW ) the error exists. It trusts nothing! I have been issued two different basic FREE certificates from InstantSSL and RapidSSL & neither of them or the self-signed one are trusted by the server.
0
Comment
Question by:dsasc
  • 3
  • 2
5 Comments
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22800892
Look in the Trusted Root Certification Authorities store on your server. That list is all the Certification Authorities that your server will trust. Do you see the companies that issued you those certificates in the list?
0
 

Author Comment

by:dsasc
ID: 22800911
Yes.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22800926
Did you get a individual certificate or a certificate chain (p7b) file from the issuer?
0
 

Author Comment

by:dsasc
ID: 22801009
How about we keep this really simple. Limit conversation to the self-signed certificate. In this case, the Small Business Server is the Certification Authority and it creates a self-signed certificate that is trusted by itself.

When the Small Business Server creates a self-signed certificate, you can access the site locally (on the server) using; https://SERVERNAME/SITENAME and the certificate is indeed trusted. When viewed, the Certification Path shows servername.domain.com as the root path and the Certificate status section shows "This certificate is ok"

In the problem environment, when the Small Business Server creates a self-signed certificate, you can access the site locally (on the server) using; https://SERVERNAME/SITENAME and the certificate is not trusted. When viewed, the Certification Path shows servername.domain.com as the root path and the Certificate status section shows "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store."

The statement in the Certificate status section is false.
0
 

Accepted Solution

by:
dsasc earned 0 total points
ID: 22927966
Eventually... after several days and countless support hours they "allowed" escalation to someone who repaired and validated the repair in 3 minutes. OMG! Microsoft support fixed this one by running certutil.exe -repairstore with specifics related to the certificate.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question