Solved

SBS2008: Issue with expired security certificate

Posted on 2014-07-21
5
301 Views
Last Modified: 2014-07-24
I have small SBS2008 network I inherited a while back. Two Windows 7 Pro clients. Recently the clients started getting a security certificate error for their local domain (remote.domain.local) when they launch Outlook. See attached graphic. I did find that there were valid certificates on file and that the latest one had just expired. As they do NOT access this server remotely and have no need of the certificate, I would prefer to disable the certificate checking process.

I found this article: http://social.technet.microsoft.com/wiki/contents/articles/3527.how-to-decommission-a-windows-enterprise-certification-authority-and-how-to-remove-all-related-objects.aspx and followed the steps down to step 5.2. The rest of the procedure was over my head so I didn't go beyond that step. Suffice to say, whatever I did up to step 5.2 did not fix the problem. Ideally I would like to disable the clients from attempting to use this certificate so they don't have to renew it. Thanks.
certificate-error.JPG
0
Comment
Question by:tcianflone
  • 2
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 300 total points
ID: 40209021
Hello,

The answer here is not to uninstall the Certification Authority but to simply renew the certificate.

You may have caused further issues by following that article.  SBS and Exchange rely on the certificates to function correctly.

Start by opening the SBS Console> Go to the networking tab and then connectivity.  Run the fix my network wizard.  Let us know what it finds.
0
 
LVL 4

Assisted Solution

by:xaichen
xaichen earned 200 total points
ID: 40209096
Hello. I agree with David Atkin.

You can renew the self signed certificate with just a few clicks from the SBS Console.

Windows SBS Console > Network Tab > Connectivity Tasks > Setup your Internet address

Follow the Wizard through to renew the certificate.

There are options to disable encryption on most email clients and to configure the server to allow unencrypted connection, bu the work involved and the security reduction it would cause would make it inadvisable.

Best regards.
0
 
LVL 1

Author Comment

by:tcianflone
ID: 40211372
Thanks for engaging on this topic. I ran the fix network wizard; results in attached graphic. I also ran the Set Up Your Internet Address wizard. Status of the certificate went from unknown to self-signed. I'm not on site, but have sent an email to the users to find out if the error pop-up has gone away. Will update status as soon as I know.
netfixwizard.jpg
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 40211555
Great let us know the outcome but with any luck that should have sorted you out.

The DHCP warning and the warning about the ports isn't a major concern.
0
 
LVL 1

Author Comment

by:tcianflone
ID: 40216592
Thanks for the help! I didn't understand about the self-signed certificate on these SBS machines, so this really helped me out. The wizard seems to get you through it pretty well. Regarding the other network "errors" the wizard found, yes, the server is not doing DHCP here so that was expected. And they are not accessing any of the SBS functionality outside the office so those ports are all closed. Cheers!
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now