Solved

SB Server 2011 Self Assigned Certificate Renewal

Posted on 2014-03-28
9
657 Views
Last Modified: 2016-06-03
Hi

The self assigned certificate on a SB Server 2011 has expired and it will not renew. I have run the Internet Address wizard and the Fix my network wizard.

After running the Internet Address wizard it says "The server cannot configure Remote Web Access. To correct this problem, run the Fix My Network Wizard.

I then run this wizard and it says the Certificate has expired so I ask it to fix it. The error is "cannot create a new certificate. Restart Certificate Authority service and then try again. However, this service does not exist.

Any ideas?

Thanks
0
Comment
Question by:JayHine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39961206
The certificate authority service is installed as part of the Active Directory Certificate Services role. That is installed, set up, and configured by default when SBS is first installed, and the fact that you have an expired certificate is evidence that the role did exist at one time.

I've seen it removed by sysadmins thinking it wasn't necessary. Or trying to free disk space. Or other reasons. But removing it permanently breaks SBS just as a "format c:" would. Some actions there are just no coming back from.

At this point, if you want to have SBS function as intended and avoid future complications, don't force any workarounds. Instead, follow the guidance to migrate from one SBS 2011 installation to another. Technet has a specific guide for this kind of migration scenario. The new OS will have the role properly installed and the migration will preserve your data.
0
 

Author Comment

by:JayHine
ID: 39966861
is the service "Certificate Propagation" the same thing?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39966977
No.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:JayHine
ID: 39977423
is there no other option. This is a small company and migrating and reloading a server is not an option.
0
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39977434
If you have a backup from before the service got removed, you could restore it. There would be different hurdles with that approach, but it is an option.
0
 

Author Comment

by:JayHine
ID: 39977447
if I purchase a 3rd party certificate will I be able to install it?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39977551
Yes, but the CA touches other parts of the system as well so won't fully resolve your issue. Some items won't work (fix my network wizard for example) and others won't work right. You really need the CA role to be there.
0
 

Author Comment

by:JayHine
ID: 39991114
I am still looking for another alternative to migrating the server as this is not an option.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question