• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 240
  • Last Modified:

Self Signed certificate problem

This is SBS 2008. Our self-signed certificate expired yesterday. I have used the 'Set up your internet address' wizard in the SBS console. I can see the new certificate is there, and it expires in July 2016.

My problem is that the client pc's dont seem to trust it. When anyone opens Outlook they get a certificate error stating that the certificate was issued by a company we have not chosen to trust.  When I look at the certificate, it is issued to remote.myexternaldomain.com and it is Issued by internaldomain-server-CA I've checked the expired certificate and it has the same information. So how do I fix this?
0
TownTalk
Asked:
TownTalk
  • 2
  • 2
2 Solutions
 
Alan HardistyCo-OwnerCommented:
Install the new certificate onto every machine you have or buy a trusted 3rd party SSL certificate for $60 a year and then it will automatically be trusted and you don't have to install anything on any machine other than the server.
0
 
TownTalkAuthor Commented:
But the self-signed should be trusted shouldn't it? I didn't have this problem when I re-issued the certificate 2 years ago.
0
 
Alan HardistyCo-OwnerCommented:
When the clients join the domain, the certificate gets installed onto their PC so it therefore trusts the server because it has the certificate installed.

Now it doesn't have the new certificate installed, so it doesn't trust the server.

Not sure what you did 2 years ago, but that's what you need to do.

Alan
0
 
TownTalkAuthor Commented:
Ah yes I understand now. Most of the machines are less than 2 years old, so they would have got the certificate when they were joined to the domain.  I've been around and installed the certificate, and I found that the problem wasn't occurring on the machines which are older than 2 years. So for whatever reason, they trust the certificate. I'm curious as to why this is the case, but my problem is fixed. So thanks guys for your input.

Ian
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now