Konstantin Krolikov
asked on
Root CA Server was removed
Hi Experts,
We did removed Root Enterprise CA Server (StandAlone) from our server for X reason.
Old servers and DC was moved to new servers and successful configured. And for now everything is working more then perfect.
But users start to get certificate error at there computers from Outlook. They does same hosted exchange server and there was no any changes.
Certificate error show that signed certificate was expired at 2009. Root certificate is till 2018.
What I should to do ?
(Create GPO to move them to untrusted or revoked or some any other ideas)
I need to prevent workstations from poping up this error/warning message.
We did removed Root Enterprise CA Server (StandAlone) from our server for X reason.
Old servers and DC was moved to new servers and successful configured. And for now everything is working more then perfect.
But users start to get certificate error at there computers from Outlook. They does same hosted exchange server and there was no any changes.
Certificate error show that signed certificate was expired at 2009. Root certificate is till 2018.
What I should to do ?
(Create GPO to move them to untrusted or revoked or some any other ideas)
I need to prevent workstations from poping up this error/warning message.
Check in Exchange Management Console under server management which certificate is being used, there you will probably find the expired one.
ASKER
This is the point. There was an old Exchange server that was down a long long time ago. I Think 5 years ago. And now all employees connected to exchange that sitting at another environment at cloud. Its even not talking and wasn't talking with DC or CA.
Well, exchange doesnt ever need to talk to the CA, the CA only issues the certificate and exchange simply uses it.
There are other mechanisms that check if the certificate is valid.
Did you check ESM for the certificate?
There are other mechanisms that check if the certificate is valid.
Did you check ESM for the certificate?
ASKER
Emmmm.... ESM 6.5
Have no idea where to search (Did tried to find and nothing), on my old exchange.
I did checked server, all certificates and did find this one, it's located in personal folder at computer level. There are others but they all till 2018. Only this one is expired i think clients have same one at same location ? Maybe this is the issue ?
Have no idea where to search (Did tried to find and nothing), on my old exchange.
I did checked server, all certificates and did find this one, it's located in personal folder at computer level. There are others but they all till 2018. Only this one is expired i think clients have same one at same location ? Maybe this is the issue ?
Probably yes
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I did got an information and ideas. But in fact I didn't received any solution to resolve this issue.