SSL certificate in SBS2008

I applied for a SAN/UCC certificate with domainsforexchange.net and got my certificate back after submitting a request file I had genertated with the SSL certificate generator in SBS2008.  Now I'm confused about how to install the certificate.  I've read several articles on the installation process but I'm not sure how to install it and for what services.
chasmx1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yasserdCommented:
For what did you request the certificate (i.e. website)?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MCSA2003Commented:
In IIS you used steps to generate a CSR. It would have been several lines of jibberish characters. This would have been used to create the certificate, and you pasted this in the site where you purchased the SSL from. Now download the certificate they generated and save it to your desktop. Go back into IIS and select the option to complete the request (or something along this line). There should also be a tutorial on the site in which you purchased the SSL from.
0
Make Network Traffic Fast and Furious with SD-WAN

Software-defined WAN (SD-WAN) is a technology that determines the most effective way to route traffic to and from datacenter sites. Register for the webinar today to learn how your business can benefit from SD-WAN!

Cris HannaSr IT Support EngineerCommented:
I think you all are forgetting that this is SBS 2008.
You should simply be able to add the cert using the trusted 3rd party cert wizard on the SBS console.  Did this CERT come from GoDaddy?
0
chasmx1Author Commented:
It was from their sister company, Starfield.  There were two certificates in theit zip to me.  Starfield1 & starfield2.  I had to download the intermidiate certificate separately.  I was able to install it using the snap in but the main cert errored out.
0
Shreedhar EtteCommented:
Hi,

Have checked the suggested links?

What is the error you are getting?

-----------
Shree
0
chasmx1Author Commented:
I got the certificates installed by resubmitting my certificate request to the certificate issuer and then processing the new certificates.  Now I can't get to my RWW site.  I can ping "remote.mywebsite.com" but I can't bring up "https://remote.mywebsite.com".  I get a 505 error.
remote-http-error.bmp
0
Cris HannaSr IT Support EngineerCommented:
The correct link for RWW should be https://remote.ettsys.com/remote
 
0
MCSA2003Commented:
Chris is the MVP, but on the SBS 2008 boxes I believe that you do not need to add the trailing /remote, I thought this was for SBS 2003? I just tried 2 of my clients and it is just https://remote.mydomain.com. Can you access this site internally by https://servername or https://serveripaddress?
0
Cris HannaSr IT Support EngineerCommented:
well, to be honest, I'd never tried it, but if you do  https://remote.mydomain.com when you look at address bar after connection it resolves to  https://remote.mydomain.com/remote so both work
To the author, I'd suggest that you download and run the SBS 2008 BPA (www.sbsbpa.com) and fix anything it finds and see if you can connect at that point.
0
chasmx1Author Commented:
I get a 403 access denied from within a VPN connection.  The trailing second remote is no help.
0
Cris HannaSr IT Support EngineerCommented:
have you run the SBS BPA?
0
chasmx1Author Commented:
I just ran the SBS2008 Connect to the Internet and Fix My Network and then BPA and there was a bad A record reported but I didn't see it in the DNS app. There also was one other warning having to do with permissions.  See attached.

Thanks
BPA.xml
0
Cris HannaSr IT Support EngineerCommented:
I've downloaded the xml so I can load it up in my own BPA (much easier to read)
I'll reply on Tues after looking at it.
0
chasmx1Author Commented:
thanks
0
Cris HannaSr IT Support EngineerCommented:
Have you applied SBS 2008 Update Rollup 3 yet?   It's probably not going to fix your SSL cert, but if I recall, it fixes this particular issue
But in DNS Expand the Server Name Expand Forward Lookup Zones then expand the .local domain   Check the A records there for your server and see if any have 2 IPs
I've not dealt with the UCC certs to be honest, but do you know what the URLs were that were submitted and do they match what came back in the cert?
By default the URL for a cert for SBS 2008 is remote.domainname.com
You must also have an A record in your public DNS to match that URL
0
chasmx1Author Commented:
Thanks, I finally got it working.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.