Solved

SBS2008: Issue with expired security certificate

Posted on 2014-07-21
5
312 Views
Last Modified: 2014-07-24
I have small SBS2008 network I inherited a while back. Two Windows 7 Pro clients. Recently the clients started getting a security certificate error for their local domain (remote.domain.local) when they launch Outlook. See attached graphic. I did find that there were valid certificates on file and that the latest one had just expired. As they do NOT access this server remotely and have no need of the certificate, I would prefer to disable the certificate checking process.

I found this article: http://social.technet.microsoft.com/wiki/contents/articles/3527.how-to-decommission-a-windows-enterprise-certification-authority-and-how-to-remove-all-related-objects.aspx and followed the steps down to step 5.2. The rest of the procedure was over my head so I didn't go beyond that step. Suffice to say, whatever I did up to step 5.2 did not fix the problem. Ideally I would like to disable the clients from attempting to use this certificate so they don't have to renew it. Thanks.
certificate-error.JPG
0
Comment
Question by:tcianflone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 300 total points
ID: 40209021
Hello,

The answer here is not to uninstall the Certification Authority but to simply renew the certificate.

You may have caused further issues by following that article.  SBS and Exchange rely on the certificates to function correctly.

Start by opening the SBS Console> Go to the networking tab and then connectivity.  Run the fix my network wizard.  Let us know what it finds.
0
 
LVL 4

Assisted Solution

by:xaichen
xaichen earned 200 total points
ID: 40209096
Hello. I agree with David Atkin.

You can renew the self signed certificate with just a few clicks from the SBS Console.

Windows SBS Console > Network Tab > Connectivity Tasks > Setup your Internet address

Follow the Wizard through to renew the certificate.

There are options to disable encryption on most email clients and to configure the server to allow unencrypted connection, bu the work involved and the security reduction it would cause would make it inadvisable.

Best regards.
0
 
LVL 1

Author Comment

by:tcianflone
ID: 40211372
Thanks for engaging on this topic. I ran the fix network wizard; results in attached graphic. I also ran the Set Up Your Internet Address wizard. Status of the certificate went from unknown to self-signed. I'm not on site, but have sent an email to the users to find out if the error pop-up has gone away. Will update status as soon as I know.
netfixwizard.jpg
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 40211555
Great let us know the outcome but with any luck that should have sorted you out.

The DHCP warning and the warning about the ports isn't a major concern.
0
 
LVL 1

Author Comment

by:tcianflone
ID: 40216592
Thanks for the help! I didn't understand about the self-signed certificate on these SBS machines, so this really helped me out. The wizard seems to get you through it pretty well. Regarding the other network "errors" the wizard found, yes, the server is not doing DHCP here so that was expected. And they are not accessing any of the SBS functionality outside the office so those ports are all closed. Cheers!
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question