HELP! Exchange 2010 Certificate(s)

Posted on 2013-11-25
Last Modified: 2013-12-02
Today I started getting security alerts (see screen shot) when anyone opens Outlook regarding an expired certificate. I logged into our Exchange 2010 server and looked at the certificates (see screen shot) and noticed that two certificates were expired. But our main SSL cert wasn't expiring for a few more months. When I attempted to renew the certificates using I think I made things worse. Before you could just click YES on the Security alerts and Outlook would open and connect. Now Outlook won't even connect giving me a proxy error (see screen shot). So now nobody in my company can connect to email. This is extremely bad!!!

I know very little about certificates. Not sure why our Exchange server has like 10 certificates.

I need the Expert's help on this. If there is any additional information you need that you can't get from the screenshots, please let me know. I have to fix this IMMEDIATELY!!! HELP!!
Question by:theBlaine
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
LVL 23

Accepted Solution

Malli Boppe earned 500 total points
ID: 39676677
remove all the expired certs and assign the IIS service to the  third party external cert.
LVL 35

Expert Comment

by:Cris Hanna
ID: 39677294
Since you put this question in the SBS Zone, going to assume you're running SBS 2011.  Run the Fix my network wizard on the SBS console (Network > Connectivity)

Author Comment

ID: 39678641
mboppe: So far removing the expired and assigning IIS to the 3rd party has worked. Everyone is now able to connect, however, I've gotten a few reports of a security certificate alerts popping up. Ive asked them to leave it up next time it happens so I can view the certificate. I will post what I find, but so far your suggestion seems to have fixed the problem! I'm going to give it a day before I call this a success!

CrisHanna_MVP: I ran that wizard and it found multiple things. I'm going to wait until I can confirm the Exchange certificate issue is resolved then tackle the other issues. Thanks for the heads-up on that wizard.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

LVL 35

Expert Comment

by:Cris Hanna
ID: 39678658
Those pop ups you're getting should be the result of a expired cert internally and that should be one of the things displayed in the Fix My Network Wizard as an issue

Author Comment

ID: 39678685
Is it normal to have this many certificates (see screenshot)? Seems like all I really need is the 3rd party one. Maybe the certs were created yesterday when I was trying to fix the problem?
LVL 23

Assisted Solution

by:Malli Boppe
Malli Boppe earned 500 total points
ID: 39679347
You just need one third party SAN certificate with following names (What ever your webmail url is)
SBSservername.domain.local (Optional)

Also you  need to make sure that all your webapp url are set properly

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AddressList in EXCH2013 6 39
Outlook 2010 - Strange Address Books on every mailbox 1 53
exchange, owa 4 49
Email DNS Issue 2 22
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question