certificate error on domain contoller

I have a domain controller who acts as a "Microsoft Active Directory Certificate Services  --  saturn"---CA server.

when I open this page, it always shows the certificate error as showed in the attachment. Could I fix this error?

this is windows server 2008. thanks.
certificate-error-01.png
certificate-error-02.png
Jason YuAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sweetfa2Commented:
The windows server Saturn requires a new certificate.  Depending on how your organisation currently provides certificates to your server will depend on how you go about fixing it.

The server itself needs a new certificate as the current certificate has expired.

It is possible to create your own certificates but then you need to set up a suitable internal trust authority to manage certificate disbursement.  You don't want just anybody able to authorise certificates pretending to be your servers.

Generally a certificate for an organisation is obtained from some company like Verisign.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jason YuAuthor Commented:
Do you mean I need create a user certificate for this server? Or create a root certificate for this server?

After I create this certificate and install it on this server, do I need update all other servers' root certificate because other servers are using the user certificates provided by this server, please advise.

thank you.
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

sweetfa2Commented:
You need to create a server certificate, not a user certificate.

The certificate that is out of date is the certificate that identifies the server, and is how it encodes/decodes it's SSL connections.

Whoever currently creates your root certificates can remain the same.

The machines that access the server do not require change as they are a client and they request the certificate from the server automatically.  As long as the root certificate for the server is trusted on each of the client machines there will not be any issue.
0
Jason YuAuthor Commented:
when I was following the link you posted here, I got a different screen as in the attachment, it's different than the one show inside the link.
certificate-error-01.jpg
0
Jason YuAuthor Commented:
When I was creating the server certificate, I get a different screen, it's different than the one showed on the article.

It only has Saved Request:

Base-64-encoded certificate request:....

It doesn't have a place to input key options.
My-interface-for-input-request.jpg
their-interface-for-creating-cer.jpg
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.