Solved

Renewing Self Signed Certificate in SBS 2008

Posted on 2014-01-23
2
752 Views
Last Modified: 2014-01-24
When I originally set up our SBS server I set our domain to what I will call ABC.com. After some time the owners wanted a different domain for email. To do this, I went into the exchange server Organization\Hub Transport and set up a new Accepted domain of  what I will call XYZ.com. I then went in to the E-Mail Address Polices and modified the "Windows SBS Email Address Policy" to reflect the new domain. So now when I run the add new user wizard from the SBS Console, the default smtp email address of the new user properly reflects the new domain. This allowed me to keep the ABC accepted domain and continue to receive emails sent to that domain. It also allowed me to not have to change the external domain name, which I was concerned might jack up a whole lot of other things as well. All good.

Two years ago, I had to renew the Self Signed Certificate. I honestly cant remember whether I ran the "Fix My Network " wizard or the "Set Up Your Internet Address" wizard. I think it might have been "Fix My Network". My understanding is that you can (and must) run either of these wizards to renew the cert.

But what I do remember is that the wizard reset (actually overwrote) everyone's default email address back to the ABC domain. The only way I could correct the problem was to go into each and everyone's Mailbox and change their smtp addresses back to the new domain.

It is getting close to the timeframe where I need to renew this certificate again and I really would like to avoid the problem this time around. Has anybody seen this and if so, know how to avoid it?
0
Comment
Question by:RickElcessor
2 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39805789
The SBS system is tightly integrated. Your mistake was making modifications outside of the wizard. If you want to use a different domain then you should have run the Internet Name wizard, entering the new domain name when prompted. A self signed SSL certificate would have been created in the new domain and everything would be fine. If you still wanted the old domain to work then just add that domain as an additional domain in a new email address policy.

That is what I would encourage you to do now.
I would also encourage you to drop the self signed certificate, which isn't really designed for production use, and swap it for a trusted certificate. That way you will not have to visit every client to install the certificate and end users accessing the server from external do not have to bypass SSL warnings, which is a bad thing to get users used to doing.

http://exchange.sembee.info/2007/install/sbs2008ssl.asp

Simon.
0
 

Author Closing Comment

by:RickElcessor
ID: 39807610
Obviously not what I wanted to hear but I get it. Makes perfect sense. Thanks
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question