How to renew the self-signed SBS 2008 certificate if I have a 3rd party cert for exchange installed?

Hi,
I am using a valid long lasting 3rd party certificate for mail.company.com which works fine for mobile user access.

Now the self-cert certificate for sbs.company.local has expired.
I get the message that I could renew it using the task "new exchange certificate".

I don't know how to renew the certificate for sbs.company.local and make sure the mail.company.com certificate remains untouched.

Thanks in advance for your help,
Andreas
Andreas200Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andreas200Author Commented:
Thanks for your help.
The problem is that the 3rd party cert is for "mail.company.com" but the servername is "sbs.company.local".
0
Larry Struckmeyer MVPCommented:
Don't know what you have already invested in this, but the solutiion is about $20/yr with a Go Daddy cert using the SBS wizards to create and install it.  Not sure I would spend a lot of time on it for that price.
0
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

WORKS2011Austin Tech CompanyCommented:
try these commands:

1. to get the thumbprint type: Get-ExchangeCertificate -domain "servername" | fl
2. thumbprint in step 1 enter in step 3.
3. type: Get-ExchangeCertificate -thumbprint "2FB28F5075EFE9B30A8F8458DED0A137629F62D7" | New-ExchangeCertificate
4. you'll confirm "overwrite existing default SMTP certificate, take the new thumbprint and enter in step 5
5. Enable-ExchangeCertificate -thumbprint "FB5AECA6B39816F 02B3245BD1D953934HD8H730F" -services IIS
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Andreas200Author Commented:
Thanks WORKS2011 - i will give it a try and let you know.

Andreas
0
Rob WilliamsCommented:
You should really fix the problem of mismatched names. To do so simply run the "Set up your internet address wizard" and in step #7 of the following link choose advanced settings and enter mail.company.com  That should eliminate the mis-match and generate a new self signed cert. If not, once done run the fix my network wizard and it will do so.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx
0
Andreas200Author Commented:
Hello WORKS2011,

there is a side effect: the new certificate has a validity of 7 days only.
How can I fix a validity of e.g. 3 years?

Andreas
0
WORKS2011Austin Tech CompanyCommented:
go into IIS manager and highlight severname, in the right pain double click "Server Certificates" you should see your cert here.

I would create a new cert and give it a year or longest possible time then replace the newly created cert with the steps I mentioned above.

Let me know how this works out for you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.