HELP! Exchange 2010 Certificate(s)

Today I started getting security alerts (see screen shot) when anyone opens Outlook regarding an expired certificate. I logged into our Exchange 2010 server and looked at the certificates (see screen shot) and noticed that two certificates were expired. But our main SSL cert wasn't expiring for a few more months. When I attempted to renew the certificates using http://smtp25.blogspot.com/2009/09/security-certificate-has-expired-or-is.html I think I made things worse. Before you could just click YES on the Security alerts and Outlook would open and connect. Now Outlook won't even connect giving me a proxy error (see screen shot). So now nobody in my company can connect to email. This is extremely bad!!!

I know very little about certificates. Not sure why our Exchange server has like 10 certificates.

I need the Expert's help on this. If there is any additional information you need that you can't get from the screenshots, please let me know. I have to fix this IMMEDIATELY!!! HELP!!
ScreenShot.png
theBlaineAsked:
Who is Participating?
 
Malli BoppeCommented:
remove all the expired certs and assign the IIS service to the  third party external cert.
0
 
Cris HannaCommented:
Since you put this question in the SBS Zone, going to assume you're running SBS 2011.  Run the Fix my network wizard on the SBS console (Network > Connectivity)
0
 
theBlaineAuthor Commented:
mboppe: So far removing the expired and assigning IIS to the 3rd party has worked. Everyone is now able to connect, however, I've gotten a few reports of a security certificate alerts popping up. Ive asked them to leave it up next time it happens so I can view the certificate. I will post what I find, but so far your suggestion seems to have fixed the problem! I'm going to give it a day before I call this a success!

CrisHanna_MVP: I ran that wizard and it found multiple things. I'm going to wait until I can confirm the Exchange certificate issue is resolved then tackle the other issues. Thanks for the heads-up on that wizard.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Cris HannaCommented:
Those pop ups you're getting should be the result of a expired cert internally and that should be one of the things displayed in the Fix My Network Wizard as an issue
0
 
theBlaineAuthor Commented:
Is it normal to have this many certificates (see screenshot)? Seems like all I really need is the 3rd party one. Maybe the certs were created yesterday when I was trying to fix the problem?
screenshot.jpg
0
 
Malli BoppeCommented:
You just need one third party SAN certificate with following names

mail.domain.com (What ever your webmail url is)
autodiscover.domain.com
SBSservername.domain.local (Optional)

Also you  need to make sure that all your webapp url are set properly
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.