?
Solved

SBS2011 not using New SSL Certificate from GoDaddy

Posted on 2014-01-14
14
Medium Priority
?
407 Views
Last Modified: 2014-01-15
HI All.

We have today installed a New SSL Certificate onto our clients SBS2011 server.

We have used the SBS2011 Wizard found on the 'Network' - 'Connectivity' section and the wizard completed successfully however when we remote connect (From different PC's) the Padlock shows its using the old certificate (Based on the expiry date)

Does anyone know why please and how we resolve this issue.

Thank you
Regards
Andy
0
Comment
Question by:AndyKeen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
14 Comments
 
LVL 1

Author Comment

by:AndyKeen
ID: 39780016
Allow me to add to the above post.

Internally the certificate is used - i.e. if I go to remote.xxx.xo.uk/remote using i.e. on the server then the certificate used is the new one based on the certificate expiry date.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780580
what happens if you reset iis and then try it?

what happens when you run 'fix my network'
0
 
LVL 1

Author Comment

by:AndyKeen
ID: 39780655
Hi Works2011

Thanks for the help.

I have running iisreset, restated the exchange transport service and run fix my network - all to no avail - it's made no difference at all.

Andy
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 1

Author Comment

by:AndyKeen
ID: 39780660
S
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780664
We have today installed a New SSL Certificate onto our clients SBS2011 server.
is it self signed, if so you need to copy from the public folder and install manually.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780669
this article shows it's location, click here
0
 
LVL 1

Author Comment

by:AndyKeen
ID: 39780694
Thanks Works2011

No this is a renewal from GoDaddy. I have downloaded it from my godaddy control panel and installed it with the SBS wizard from the main sbs console.

Andy
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780723
Start / Administrative Tools / IIS Manager / server name / window on the right under IIS / double click Server Certificates and delete the old cert if there.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780725
then reset IIS and test
0
 
LVL 1

Author Comment

by:AndyKeen
ID: 39780745
Thought I recognised the location - already did that earlier and have reset IIS.

Still no joy :(
0
 
LVL 17

Accepted Solution

by:
WORKS2011 earned 2000 total points
ID: 39780771
Run the following commands from PowerShell (in bold) basically you're locating the cert currently used by it's thumbprint and replacing with the new cert.

Get-ExchangeCertificate -domain "domainname" | fl


AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
                     .Security.AccessControl.CryptoKeyAccessRule, System.Securi
                     ty.AccessControl.CryptoKeyAccessRule, System.Security.Acce
                     ssControl.CryptoKeyAccessRule}
CertificateDomains : {computername, computername.domain.local}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=computername
NotAfter           : 2/16/2011 11:34:03 PM
NotBefore          : 2/16/2010 11:34:03 PM
PublicKeySize      : 2048
RootCAType         : Unknown
SerialNumber       : 444FEF2E6F75B8864B86866DE2792FC2
Services           : IMAP, POP, IIS, SMTP
Status             : DateInvalid
Subject            : CN=computername
Thumbprint         : 2FB28F5075EFE9B30A8F8458DED0A19628D71F52



[PS] C:\Windows\System32>Get-ExchangeCertificate -thumbprint "2FB28F7055EFE9B30A
8F8458DED0A19628D71F52" | New-ExchangeCertificate

Confirm
Overwrite existing default SMTP certificate,
'2FB28F5075EFE9B30A8F8458DED0A19628D71F52' (expires 2/16/2011 11:34:03 PM),
with certificate 'FB5AECA6B39816F02B3245BD1D95394A573E1F02' (expires 2/22/2012
8:29:16 AM)?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help
(default is "Y"):y

Thumbprint                                Services   Subject
----------                                --------   -------
FB5AECA6B39816F02B3245BD1D95394A573E1F02  .....      CN=computername


[PS] C:\Windows\System32>Enable-ExchangeCertificate -thumbprint "FB5AECA6B39816F
02B3245BD1D95394A573E1F02" -services IIS
0
 
LVL 1

Author Comment

by:AndyKeen
ID: 39780798
Hi Works2011

Thanks for that detaiiled answer.

I am going to do that tomorrow when I have better access to my clients server.

Can I please come back to you tomorrow with an update.

Thank you
Regards
Andy
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 39780807
Sure, let me know what you find out.
0
 
LVL 1

Author Comment

by:AndyKeen
ID: 39781686
Spot on Works 2011 - Thanks for your help.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question