Solved

Server SBS 2011 certificate problems!

Posted on 2012-12-20
3
815 Views
Last Modified: 2013-01-02
Okay so we had a 3rd party company set up our server previously. I recently started helping doing IT here.

I like to think I'm pretty knowledgeable at a lot of things on windows...except certificates. I'm not exactly sure how to fix some of our problems.

We have a wireless radius server where the clients use to connect without having to worry with passwords using machine authentication. Problem is it stopped working today. After digging around I found out that some of the certificates expired. Problem is I have no idea how to renew them. They're just self signed ones.

How do I fix this?


ALSO

They must have set up the mail server to expire too. I ran the SBS fix it for me wizard, and it fixed it, but now it's getting me an error that the name is wrong. How do i change the certificate's name, because it's pointing at the wrong server.

PS

How do I simply decommission the mail server on our server? We are using our headquarters e-mail server now, I mean I'm getting certificate errors for a server we're not using anymore.
0
Comment
Question by:Pancake_Effect
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
marcustech earned 500 total points
ID: 38713160
I don't actually have any live SBS2011 radius deployments, unfortunately, but I'm fairly sure that the certificate used is actually the same certificate that's used for IIS/OWA. The easiest way to create a new one of these, and most likely also fix the non-matching name issue you're getting from Exchange, is to run the "set up your internet address" wizard, under the "Network" --> "Connectivity" tab in SBS Management. This will issue a new self-signed certificate for the domain name you specify and update Exchange and IIS to use the new certificate. I believe this will automatically update the cert used for Radius, but I'm not 100% sure, I'm just setting up a quick test, will report back.
Regarding removing exchange from SBS2011, it's not really possible - the SBS2011 package is pretty much all-or-nothing, but there's no real reason not to just let exchange run in the background. You could just use Windows 2008 Standard, or 2011 Essentials, but you'd lose the useful management and reporting tools. Googleing for "SBS 2011 remove exchange" (sans quotes) gives a few possible approaches, but there's nothing supported.
0
 
LVL 12

Assisted Solution

by:marcustech
marcustech earned 500 total points
ID: 38713201
Just had a quick look on one of my sbs2011's - It looks like once you've issued the new certificate you might have to update the NPS config to use it. To do this, open "Network Policy Server" from Administrative Tools. In the drop-down in the centre of this screen, select "Radius Server", then drill down to Policies --> Network Policies. Open the "Secure Wireless Connections" policy (this is the default name, it might be different on your server), and select the "Constraints" tab. Select "Microsoft Smart Card or other Certificate" in the "EAP Types" section and click "Edit". Select your new certificate, and ok all the way out. Re-start the NPS services and you should be good to go.
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 38738019
Thanks for the help!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question