SBS Server 2008 R2 certificate problems

Posted on 2013-01-12
Last Modified: 2013-04-26
I have a SBS Server 2008 R2 that has an expired certificate.  Every time one of the users logs into their 2010 Outlook it gives them the error attached.  I have followed online guides to create a new self signed certificate using comandlets in the power shell prompt but I keep getting an error that is telling me there is no such command.  This is one of the commandlets that I have run: Get-ExchangeCertificate | List.  I am running Exchange server 2007 which was configured during the installation process.  As was the original self signed certificate.  Any help would be much appreciated.
Question by:Camelroo75
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 38770777
Make sure that you are running the cmdlet from exchange management shell not windows power shell.

Author Comment

ID: 38772843
I have figured that out.  I now have a new Exchange certificate but now the error message is telling me that "the name on the security certificate is invalid or does not match the name of the site when I try and access Outlook 2010 on a client machine.
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38774978
The version of SBS that you have posted doesn't exist.
Either you have SBS 2008 or SBS 2011. The only variant that is at R2 level is 2003.

As this is SBS, the quickest way to resolve is to run the wizard to configure you internet name. That will generate a new certificate and put it in the correct place.
Ideally you should be using a commercial SSL certificate which would deal with the issues completely and costs $60/year.

Increase Agility with Enabled Toolchains

Connect your existing build, deployment, management, monitoring, and collaboration platforms. From Puppet to Chef, HipChat to Slack, ServiceNow to JIRA, Splunk to New Relic and beyond, hand off data between systems to engage the right people.

Connect with xMatters.


Author Comment

ID: 38775309
My appologies I have SBS 2008 Service Pack 2.  I don't feel that a SSL certificate is the right way to go since Exchange is only used for local domain access.  What wizard are you speaking of?
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38782612
On the Network config in the SBS tool, under Connectivy is Set up your Internet Address. Run that wizard again (you don't have to change anything).


Author Comment

ID: 38784196

Running through that wizard it is wanting me to setup Exchange for external e-mail.  This is a small business that uses Exchange to share calendars and inter-office e-mail that is all so this won't work for me.


Author Comment

ID: 38784307
This is one of the commands that I am having trouble with.

3.Change the InternalUrl attribute of the EWS. To do this, type the following command, and then press Enter:

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl

This is from a Microsoft knowledge base in reference on how to fix my existing problem.

The problem is no matter what I put in for the ews it always give me an error and says that it doesn't exist.  Am I to take this command literally and type it exactly as it reads minus the name of my server?  Of course what I want the InternalUrl to be also.
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 500 total points
ID: 38785212
That is because SBS doesn't use the default web site for the web services for Exchange, it uses another one. If you run get-webservicesvirtualdirectory then you will see what is listed.

Exchange should really be used for all email, trying to use it for just some will usually cause you problems, with email going where it shouldn't for example.


Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Changing a few Outlook Options can help keep you organized!
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question