Solved

SB Server 2011 Self Assigned Certificate Renewal

Posted on 2014-03-28
9
608 Views
Last Modified: 2016-06-03
Hi

The self assigned certificate on a SB Server 2011 has expired and it will not renew. I have run the Internet Address wizard and the Fix my network wizard.

After running the Internet Address wizard it says "The server cannot configure Remote Web Access. To correct this problem, run the Fix My Network Wizard.

I then run this wizard and it says the Certificate has expired so I ask it to fix it. The error is "cannot create a new certificate. Restart Certificate Authority service and then try again. However, this service does not exist.

Any ideas?

Thanks
0
Comment
Question by:JayHine
  • 4
  • 4
9 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39961206
The certificate authority service is installed as part of the Active Directory Certificate Services role. That is installed, set up, and configured by default when SBS is first installed, and the fact that you have an expired certificate is evidence that the role did exist at one time.

I've seen it removed by sysadmins thinking it wasn't necessary. Or trying to free disk space. Or other reasons. But removing it permanently breaks SBS just as a "format c:" would. Some actions there are just no coming back from.

At this point, if you want to have SBS function as intended and avoid future complications, don't force any workarounds. Instead, follow the guidance to migrate from one SBS 2011 installation to another. Technet has a specific guide for this kind of migration scenario. The new OS will have the role properly installed and the migration will preserve your data.
0
 

Author Comment

by:JayHine
ID: 39966861
is the service "Certificate Propagation" the same thing?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39966977
No.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:JayHine
ID: 39977423
is there no other option. This is a small company and migrating and reloading a server is not an option.
0
 
LVL 57

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39977434
If you have a backup from before the service got removed, you could restore it. There would be different hurdles with that approach, but it is an option.
0
 

Author Comment

by:JayHine
ID: 39977447
if I purchase a 3rd party certificate will I be able to install it?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39977551
Yes, but the CA touches other parts of the system as well so won't fully resolve your issue. Some items won't work (fix my network wizard for example) and others won't work right. You really need the CA role to be there.
0
 

Author Comment

by:JayHine
ID: 39991114
I am still looking for another alternative to migrating the server as this is not an option.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question