SB Server 2011 Self Assigned Certificate Renewal

Hi

The self assigned certificate on a SB Server 2011 has expired and it will not renew. I have run the Internet Address wizard and the Fix my network wizard.

After running the Internet Address wizard it says "The server cannot configure Remote Web Access. To correct this problem, run the Fix My Network Wizard.

I then run this wizard and it says the Certificate has expired so I ask it to fix it. The error is "cannot create a new certificate. Restart Certificate Authority service and then try again. However, this service does not exist.

Any ideas?

Thanks
LVL 1
Optima SystemsNetwork EngineerAsked:
Who is Participating?
 
Cliff GaliherConnect With a Mentor Commented:
The certificate authority service is installed as part of the Active Directory Certificate Services role. That is installed, set up, and configured by default when SBS is first installed, and the fact that you have an expired certificate is evidence that the role did exist at one time.

I've seen it removed by sysadmins thinking it wasn't necessary. Or trying to free disk space. Or other reasons. But removing it permanently breaks SBS just as a "format c:" would. Some actions there are just no coming back from.

At this point, if you want to have SBS function as intended and avoid future complications, don't force any workarounds. Instead, follow the guidance to migrate from one SBS 2011 installation to another. Technet has a specific guide for this kind of migration scenario. The new OS will have the role properly installed and the migration will preserve your data.
0
 
Optima SystemsNetwork EngineerAuthor Commented:
is the service "Certificate Propagation" the same thing?
0
 
Cliff GaliherCommented:
No.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
Optima SystemsNetwork EngineerAuthor Commented:
is there no other option. This is a small company and migrating and reloading a server is not an option.
0
 
Cliff GaliherConnect With a Mentor Commented:
If you have a backup from before the service got removed, you could restore it. There would be different hurdles with that approach, but it is an option.
0
 
Optima SystemsNetwork EngineerAuthor Commented:
if I purchase a 3rd party certificate will I be able to install it?
0
 
Cliff GaliherCommented:
Yes, but the CA touches other parts of the system as well so won't fully resolve your issue. Some items won't work (fix my network wizard for example) and others won't work right. You really need the CA role to be there.
0
 
Optima SystemsNetwork EngineerAuthor Commented:
I am still looking for another alternative to migrating the server as this is not an option.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.