can i create a self signed certificate in SBS2008 without using the wizard?

Neal58
Neal58 used Ask the Experts™
on
can i create a self signed certificate in SBS2008 without using the wizard?

I ask this because the connect to the internet wizard constantly crashes, but i dont want to muck other bits of the server up.

at the moment its coming up with a certificate warning for all clients running outlook for their emails.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
To get rid of the warning of one type or another, you will need to import the self signed certificate into the workstations and also make sure your broadcasting the correct names internally and externally.  If it is your first time doing such things it can be a frustrating thing.  I would recommend ponying up and just buy the multi domain (90 bucks a year), from go daddy, fix the issue with the wizard, then have it configure the 5 or so spots you need it to.
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
yes try these commands in exchange powershell:

1. to get the thumbprint type: Get-ExchangeCertificate -domain "servername" | fl
2. thumbprint in step 1 enter in step 3.
3. type: Get-ExchangeCertificate -thumbprint "2FB28F5075EFE9B30A8F8458DED0A137629F62D7" | New-ExchangeCertificate
4. you'll confirm "overwrite existing default SMTP certificate, take the new thumbprint and enter in step 5
5. Enable-ExchangeCertificate -thumbprint "FB5AECA6B39816F 02B3245BD1D953934HD8H730F" -services IIS manually restart IIS after as well.
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
you won't have to do anything on the workstations, make sure when Outlook opens a cert error doesn't come up as well you can test with OWA, if the above is done correctly you won't get a cert error.
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
actually checking what error is coming up it is:

The name of the security certificate is invalid or does not match the name of the site

I found this: http://support.microsoft.com/kb/940726 which attempts to deal with it, but i think it may be over my head a bit, can i check my FQDN or is it going to be remote.domain.com? what would my cas_servername be?
Principal Consultant
Most Valuable Expert 2016
Top Expert 2014
Commented:
If the wizard crashes you need to fix what's causing the problems... Because there are too many things you need to touch manually and it is highly likely you won't get them all in sync.

Believe me that it is worth taking a bit of time to figure out the underlying problems.  So I suggest you do that before spending 12 to 14 hours trying to get a self-signed certificate manually installed to every place it needs to go.

If you want to clean up those problems, please post a separate question and include the exact errors you are receiving or a copy of the wizard logs.
http://blogs.technet.com/b/sbs/archive/2008/10/01/key-small-business-server-2008-log-files.aspx

Jeff
TechSoEasy

Author

Commented:
I've requested that this question be deleted for the following reason:

ok will close this question and open a new one for the wizard failing
Jeffrey Kane - TechSoEasyPrincipal Consultant
Most Valuable Expert 2016
Top Expert 2014

Commented:
The question was asked, "can i create a self signed certificate in SBS2008 without using the wizard?" and my answer was essentially, "NO".  Which is a valid answer and the question should not be deleted.

Please accept my comment http:#38013384 as the solution to this question.

Thank you!

Jeff
TechSoEasy

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial