How do I renew my ISA Server 2004 Certificate in SBS 2003?

I'm getting event 23402 in the logs on my SBS 2003 server:

The ISA Server certificate issued to <> will expire in less than 28 days. Verify that the correct certificate is selected in the Certificates page of the Web Listener Properties dialog box. If the problem persists renew the certificate with your certification authority (CA).

How do I go about renewing it and fixing this? It was not a certificate created by a third-party, we generated it ourselves.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The certificate could be IIS related. Use IIS Management to renew the certificate or request a new one.
dbasplusAuthor Commented:
Thanks - but where in IIS do I do this?

I'm pretty sure this is the certificate used when our users connect remotely to the server via Remote Web Workplace.
First of all you should identify the certificate. You can identify the certificate either by looking at the event on the log (who is or by checking certificates listed in the ISA 2004 Web Listeners.
Instructions for ISA:
a. Open ISA,
b. Select "Firewall Policy" in the left pane,
c. Select Toolbox tab in the right pane,
d. Select "Network Objects" group,
e. Check one by one the Web Listeners listed,
f. The "Certificates" tab of each Web Listener shows the certificate used (if the Web Listener uses SSL). A button on the right "Select Certificate" shows you a list on Certificates. This list should help you identify the certificate.

Once you have identified the certificate, please report back. Thank you.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

dbasplusAuthor Commented:
I have identified the certificate using the method you describe. It is for the URL (i.e. the etc I mentioned above - real domain name removed for privacy) we use to connect via Remote Web Workplace, with an expiration date of 12th January 2012.
The best method for renewing a SBS Certificate is running CEICW. You might find the following link usefull:

I give you some directions about the 2nd link:
a. At the 2nd window (Connection Type) select the option "Do not change connection type".
b. At the 12th window (Firewall) select the option "Do not change firewall configuration".
c. At the 14th window (Web Services Configuration) select the 2nd option "Allow access..." and select the Web site services needed.
d. At the 15th (HERE WE ARE!) window (Web Server Certificate) select the 1st option and write down the Web server name.
e. At the 16th window select the last option.
f. You should get at the last window with a summary of all settings.

Let me know.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dbasplusAuthor Commented:
Thanks. I created a new certificate using the CEICW.

Only issue I have now is when I go back to the ISA web listener and look at the certificate, both the old and new certificates are shown in the list (same certificate names, different expiry dates). Will it automatically use the new certificate when the old one expires? Or do I need to do something further?
You should set the Web Listener to use the new certificate. The new one is already valid. Be aware that users might get a warning message when accessing the web site after you have set the new certificate. The warning might indicate that the certificate is unknown.
dbasplusAuthor Commented:
Thanks for your help
You are welcome! Have a nice time and... Merry Christmas.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.