Andreas200
asked on
How to renew the self-signed SBS 2008 certificate if I have a 3rd party cert for exchange installed?
Hi,
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.
Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".
I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.
Thanks in advance for your help,
Andreas
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.
Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".
I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.
Thanks in advance for your help,
Andreas
ASKER
Thanks for your help.
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
Don't know what you have already invested in this, but the solutiion is about $20/yr with a Go Daddy cert using the SBS wizards to create and install it. Not sure I would spend a lot of time on it for that price.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks WORKS2011 - i will give it a try and let you know.
Andreas
Andreas
You should really fix the problem of mismatched names. To do so simply run the "Set up your internet address wizard" and in step #7 of the following link choose advanced settings and enter mail.company.com That should eliminate the mis-match and generate a new self signed cert. If not, once done run the fix my network wizard and it will do so.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
ASKER
Hello WORKS2011,
there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?
Andreas
there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?
Andreas
go into IIS manager and highlight severname, in the right pain double click "Server Certificates" you should see your cert here.
I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.
Let me know how this works out for you.
I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.
Let me know how this works out for you.
Among others:
http://blogs.technet.com/b/sbs/archive/2008/09/20/introducing-the-add-a-trusted-certificate-wizard-in-sbs-2008.aspx
http://blogs.technet.com/b/sbs/archive/2010/08/19/a-guide-to-troubleshooting-outlook-certificate-warnings-authentication-prompts-in-sbs-2008.aspx