How to renew the self-signed SBS 2008 certificate if I have a 3rd party cert for exchange installed?

Hi,
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.

Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".

I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.

Thanks in advance for your help,
Andreas
Andreas200Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
WORKS2011Connect With a Mentor Austin Tech CompanyCommented:
try these commands:

1. to get the thumbprint type: Get-ExchangeCertificate -domain "servername" | fl
2. thumbprint in step 1 enter in step 3.
3. type: Get-ExchangeCertificate -thumbprint "2FB28F5075EFE9B30A8F8458DED0A137629F62D7" | New-ExchangeCertificate
4. you'll confirm "overwrite existing default SMTP certificate, take the new thumbprint and enter in step 5
5. Enable-ExchangeCertificate -thumbprint "FB5AECA6B39816F 02B3245BD1D953934HD8H730F" -services IIS
0
 
Andreas200Author Commented:
Thanks for your help.
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
0
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

 
Larry Struckmeyer MVPCommented:
Don't know what you have already invested in this, but the solutiion is about $20/yr with a Go Daddy cert using the SBS wizards to create and install it.  Not sure I would spend a lot of time on it for that price.
0
 
Andreas200Author Commented:
Thanks WORKS2011 - i will give it a try and let you know.

Andreas
0
 
Rob WilliamsCommented:
You should really fix the problem of mismatched names. To do so simply run the "Set up your internet address wizard" and in step #7 of the following link choose advanced settings and enter mail.company.com  That should eliminate the mis-match and generate a new self signed cert. If not, once done run the fix my network wizard and it will do so.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
0
 
Andreas200Author Commented:
Hello WORKS2011,

there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?

Andreas
0
 
WORKS2011Austin Tech CompanyCommented:
go into IIS manager and highlight severname, in the right pain double click "Server Certificates" you should see your cert here.

I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.

Let me know how this works out for you.
0
All Courses

From novice to tech pro — start learning today.