Solved

How to renew the self-signed SBS 2008 certificate if I have a 3rd party cert for exchange installed?

Posted on 2012-03-17
8
945 Views
Last Modified: 2012-03-18
Hi,
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.

Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".

I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.

Thanks in advance for your help,
Andreas
0
Comment
Question by:Andreas200
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 37732985
0
 

Author Comment

by:Andreas200
ID: 37733023
Thanks for your help.
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 37733577
Don't know what you have already invested in this, but the solutiion is about $20/yr with a Go Daddy cert using the SBS wizards to create and install it.  Not sure I would spend a lot of time on it for that price.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
LVL 17

Accepted Solution

by:
WORKS2011 earned 500 total points
ID: 37734018
try these commands:

1. to get the thumbprint type: Get-ExchangeCertificate -domain "servername" | fl
2. thumbprint in step 1 enter in step 3.
3. type: Get-ExchangeCertificate -thumbprint "2FB28F5075EFE9B30A8F8458DED0A137629F62D7" | New-ExchangeCertificate
4. you'll confirm "overwrite existing default SMTP certificate, take the new thumbprint and enter in step 5
5. Enable-ExchangeCertificate -thumbprint "FB5AECA6B39816F 02B3245BD1D953934HD8H730F" -services IIS
0
 

Author Comment

by:Andreas200
ID: 37734227
Thanks WORKS2011 - i will give it a try and let you know.

Andreas
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 37734253
You should really fix the problem of mismatched names. To do so simply run the "Set up your internet address wizard" and in step #7 of the following link choose advanced settings and enter mail.company.com  That should eliminate the mis-match and generate a new self signed cert. If not, once done run the fix my network wizard and it will do so.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
0
 

Author Comment

by:Andreas200
ID: 37734740
Hello WORKS2011,

there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?

Andreas
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37735105
go into IIS manager and highlight severname, in the right pain double click "Server Certificates" you should see your cert here.

I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.

Let me know how this works out for you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question