Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

SB Server 2011 Self Assigned Certificate Renewal

Posted on 2014-03-28
9
634 Views
Last Modified: 2016-06-03
Hi

The self assigned certificate on a SB Server 2011 has expired and it will not renew. I have run the Internet Address wizard and the Fix my network wizard.

After running the Internet Address wizard it says "The server cannot configure Remote Web Access. To correct this problem, run the Fix My Network Wizard.

I then run this wizard and it says the Certificate has expired so I ask it to fix it. The error is "cannot create a new certificate. Restart Certificate Authority service and then try again. However, this service does not exist.

Any ideas?

Thanks
0
Comment
Question by:JayHine
  • 4
  • 4
9 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39961206
The certificate authority service is installed as part of the Active Directory Certificate Services role. That is installed, set up, and configured by default when SBS is first installed, and the fact that you have an expired certificate is evidence that the role did exist at one time.

I've seen it removed by sysadmins thinking it wasn't necessary. Or trying to free disk space. Or other reasons. But removing it permanently breaks SBS just as a "format c:" would. Some actions there are just no coming back from.

At this point, if you want to have SBS function as intended and avoid future complications, don't force any workarounds. Instead, follow the guidance to migrate from one SBS 2011 installation to another. Technet has a specific guide for this kind of migration scenario. The new OS will have the role properly installed and the migration will preserve your data.
0
 

Author Comment

by:JayHine
ID: 39966861
is the service "Certificate Propagation" the same thing?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39966977
No.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:JayHine
ID: 39977423
is there no other option. This is a small company and migrating and reloading a server is not an option.
0
 
LVL 57

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39977434
If you have a backup from before the service got removed, you could restore it. There would be different hurdles with that approach, but it is an option.
0
 

Author Comment

by:JayHine
ID: 39977447
if I purchase a 3rd party certificate will I be able to install it?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39977551
Yes, but the CA touches other parts of the system as well so won't fully resolve your issue. Some items won't work (fix my network wizard for example) and others won't work right. You really need the CA role to be there.
0
 

Author Comment

by:JayHine
ID: 39991114
I am still looking for another alternative to migrating the server as this is not an option.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SYSVOL and NETLOGON affected by crypto virus 7 160
Recommendation for a 'server' for a 3 computer workgroup 4 116
Roaming profile issues 1 34
SBS2008 c:\ drive toosmall 64 95
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question