Solved

Server SBS 2011 certificate problems!

Posted on 2012-12-20
3
827 Views
Last Modified: 2013-01-02
Okay so we had a 3rd party company set up our server previously. I recently started helping doing IT here.

I like to think I'm pretty knowledgeable at a lot of things on windows...except certificates. I'm not exactly sure how to fix some of our problems.

We have a wireless radius server where the clients use to connect without having to worry with passwords using machine authentication. Problem is it stopped working today. After digging around I found out that some of the certificates expired. Problem is I have no idea how to renew them. They're just self signed ones.

How do I fix this?


ALSO

They must have set up the mail server to expire too. I ran the SBS fix it for me wizard, and it fixed it, but now it's getting me an error that the name is wrong. How do i change the certificate's name, because it's pointing at the wrong server.

PS

How do I simply decommission the mail server on our server? We are using our headquarters e-mail server now, I mean I'm getting certificate errors for a server we're not using anymore.
0
Comment
Question by:Pancake_Effect
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
marcustech earned 500 total points
ID: 38713160
I don't actually have any live SBS2011 radius deployments, unfortunately, but I'm fairly sure that the certificate used is actually the same certificate that's used for IIS/OWA. The easiest way to create a new one of these, and most likely also fix the non-matching name issue you're getting from Exchange, is to run the "set up your internet address" wizard, under the "Network" --> "Connectivity" tab in SBS Management. This will issue a new self-signed certificate for the domain name you specify and update Exchange and IIS to use the new certificate. I believe this will automatically update the cert used for Radius, but I'm not 100% sure, I'm just setting up a quick test, will report back.
Regarding removing exchange from SBS2011, it's not really possible - the SBS2011 package is pretty much all-or-nothing, but there's no real reason not to just let exchange run in the background. You could just use Windows 2008 Standard, or 2011 Essentials, but you'd lose the useful management and reporting tools. Googleing for "SBS 2011 remove exchange" (sans quotes) gives a few possible approaches, but there's nothing supported.
0
 
LVL 12

Assisted Solution

by:marcustech
marcustech earned 500 total points
ID: 38713201
Just had a quick look on one of my sbs2011's - It looks like once you've issued the new certificate you might have to update the NPS config to use it. To do this, open "Network Policy Server" from Administrative Tools. In the drop-down in the centre of this screen, select "Radius Server", then drill down to Policies --> Network Policies. Open the "Secure Wireless Connections" policy (this is the default name, it might be different on your server), and select the "Constraints" tab. Select "Microsoft Smart Card or other Certificate" in the "EAP Types" section and click "Edit". Select your new certificate, and ok all the way out. Re-start the NPS services and you should be good to go.
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 38738019
Thanks for the help!
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question