Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SSL Certificate on SBS2011 Expiring , where to find it

Posted on 2014-04-10
8
Medium Priority
?
599 Views
Last Modified: 2014-04-10
Hi all,

I've recently taken over a server, SBS2011 with Exchange 2010, also running IIS. I received a notice from godaddy that an SSL certificate for the domain is expiring. This domain is externally accessible as well.

I've looked in MMC, Certificates, Local Computer, while I see other certificates that match certificates expiring at different times, I cannot seem to find this one in particular .

I'm beginning to think it is perhaps an unused certificate that is expiring, however I am hoping for some assistance on where else to check on my server to see if there is a cert matching it. (trying to prevent any kind of outage if it does expire and is needed!)

Is there any other places on the server I should check, or any suggestions on how to tell where the certificate in question is being used?

Thanks in advance
0
Comment
Question by:ChiIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 29

Accepted Solution

by:
becraig earned 1600 total points
ID: 39992065
Run the following command from powershell to see all certs for local computer:

gci cert:\LocalMachine\My | ft notafter, Subject
0
 
LVL 7

Assisted Solution

by:Mohammed Tahir
Mohammed Tahir earned 400 total points
ID: 39992069
On exchange powershell run command Get-exchangecertificate |fl and compare the expired certificate with valid cert.


Tahir
0
 
LVL 2

Author Comment

by:ChiIT
ID: 39992098
thank you both...


gci cert:\LocalMachine\My | ft notafter, Subject returned 5 certificates, none matched the expiration date that is the one in question.

Exchange 2010 is running on the same server, do I need to run a different powershell for that command or is it the same as the server? I ran in the server powershell and received an error saying it couldn't find that command.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 29

Expert Comment

by:becraig
ID: 39992107
If the command returned no certs showing up as expiring on that date then it seems your assumption is correct.

Any certificate for use by Exchange would be in the local store, the absence of an expiring cert indicate this is not a cert expiring locally.
0
 
LVL 2

Author Comment

by:ChiIT
ID: 39992115
ok I answered my own question. Ran the exchange powershell and there is also no certificate there that matches the expiration date of the godaddy one in question...
0
 
LVL 2

Author Comment

by:ChiIT
ID: 39992123
thanks becraig, just so I understand, that command will list all certs, right? So for IIS, exchange, etc?
0
 
LVL 29

Assisted Solution

by:becraig
becraig earned 1600 total points
ID: 39992127
yup any certificates installed on the local computer for machine use, will be stored under localcomputer\my

So once you scan that location, it will give you a complete view of all certs, no matter what application is using it.
0
 
LVL 2

Author Closing Comment

by:ChiIT
ID: 39992135
thanks guys! appreciate the quick response and help!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question