Avatar of Andreas200
Andreas200 asked on

How to renew the self-signed SBS 2008 certificate if I have a 3rd party cert for exchange installed?

Hi,
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.

Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".

I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.

Thanks in advance for your help,
Andreas
SBS

Avatar of undefined
Last Comment
WORKS2011

8/22/2022 - Mon
Larry Struckmeyer MVP

ASKER
Andreas200

Thanks for your help.
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
Larry Struckmeyer MVP

Don't know what you have already invested in this, but the solutiion is about $20/yr with a Go Daddy cert using the SBS wizards to create and install it.  Not sure I would spend a lot of time on it for that price.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
ASKER CERTIFIED SOLUTION
WORKS2011

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Andreas200

Thanks WORKS2011 - i will give it a try and let you know.

Andreas
Rob Williams

You should really fix the problem of mismatched names. To do so simply run the "Set up your internet address wizard" and in step #7 of the following link choose advanced settings and enter mail.company.com  That should eliminate the mis-match and generate a new self signed cert. If not, once done run the fix my network wizard and it will do so.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
ASKER
Andreas200

Hello WORKS2011,

there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?

Andreas
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
WORKS2011

go into IIS manager and highlight severname, in the right pain double click "Server Certificates" you should see your cert here.

I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.

Let me know how this works out for you.