Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 425
  • Last Modified:

SBS2011 Remote Web Access - win7 laptop getting certificate error

sbs 2011   trying to access the remote web access with a new latop (setting up). Laptop has Win 7 pro using IE 11, I type this in the url

https://mail.<domainname>.mail/remote   I logged in suddenly got the 404 error.....clicked on compatibility mode and everything is ok.....but I need to install the certificate package. I do so. Now I can not log in at all.  I get this error immediately upon executing the url address.
certificate-error.jpg
0
Joemt
Asked:
Joemt
1 Solution
 
David Paris VicenteSystems and Comunications Administrator Commented:
Can you try with other browser and see if the problem continues?
As a quick update, in my case, this appears to be due to the insistence on certificates with 1024-bit key length.
I used the info in Update for minimum certificate key length to bypass this.

Specifically, I needed to do
certutil -setreg chain\minRSAPubKeyBitLength 512

From an admin command prompt.

But I advise you to check the link.

I hope this helps you or put you in the good way.

Regards
0
 
JoemtAuthor Commented:
I rolled back the laptop and could once again log in......but only to the point where I need to install the certificate package.  The problem is the certificate in the certificate install package. The certificates were renewed.

Mozilla didn't work either.

How do I get the "certificate install package to update"
certificate-error-issue.jpg
0
 
Adam RayCommented:
It's not exactly a solution to your question about updating the cert install package... But my two approaches:

Get a basic 3rd party certificate. They are pretty cheap now if you just getting it for the warnings on the SBS site to go away. (Especially if you one of the discounts/coupon codes for GoDaddy that are regularly available.

Or, install the certificate on the laptop manually:
Click the start button, type iexplore in the search box, press ctrl+shift+enter. (Launces Internet Explorer as administrator.)
Browse to your website (in HTTPS). Click Continue to this Website.
Click "Certificate Error" on the right hand edge of the address bar, then click View Certificates.
Click Install Certificate --> Select the Local Machine Cert Store, Next.
"Place in the following store" --> Browse --> "Trusted Root Certification Authorities
Next/Okay/Finish/etc until the wizard is done and you can close all dialogue boxes.
Exit Internet Explorer (you're still running as admin.) Reopen normally and test/use.

(Once you've done it a time or two, installing the certificate this way is much easier/simpler/faster than these instructions make it sound. I even prefer it to using certificate install package, especially since I never seem to have the installer handy.)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Vlastimil SopuchDirectorCommented:
Is the certificate you renewed and then imported a root certificate?
0
 
David AtkinIT ProfessionalCommented:
Hello,

You can install the certificate from the Web Access by going to the following shared folder:

Public > Public Downloads

Download the 'Installer Certificate Package.zip' Extract the files and run the InstallCertificate installer which will install the certificate for you.  Then close the web browser and re-open.

You can install the certificate manually as well by double clicking the SBSCertificate.cer file, click install, select 'place all certificates in the following store' and placing it into the Trusted Root Certificate Authorities folder.

This will install the certificate on the client PC.
0
 
JoemtAuthor Commented:
Ok I have it fixed!!!    

The certificate in the install package in the public folder was the wrong one. The certificates renewed lately and I'm not sure why it's wrong.

But I had the correct certificate on my desktop, exported the certificate to a .cer file and installed the certificate on the new laptop and it worked fine.

I then installed that certificate in the public folder and re-zipped the install package with the new certificate.

This is the info I used Paragraph 3:
_______________________________________________________________________________________
SBS 2011 self signed certificate not updating in SBS console after renewal
The self signed certificate on a SBS 2011 server was expiring, so I ran the Fix My Network wizard and renewed.
This updated the certificate when you go to the OWA web page, however in SBS Console under network > connectivity > view certificate properties the date had not changed.

To create a new Certificate installation Package, I deleted the old one > ran the Fix My Network wizard > created a new package.  This had a different date again.
To get the certificate in the SBS console to match the OWA certificate > I ran the Add a trusted certificate wizard > select I want to use a certificate that is already installed on the server > selected the newly created self-issued certificate.  Now if I View Certificate Properties in the SBS console it matches the OWA certificate.

To update the install package SBSCertificate.cer file > on non-domain joined system > run IE as administrator > open OWA site > import cert into IE > in IE options > content tab > certificates > find certificate and export as SBSCertificate.cer > save into Certificate Distribution Package folder after renaming the old cer file.
0
 
JoemtAuthor Commented:
Was helpful in putting all the pieces together
0
 
JoemtAuthor Commented:
I meant to do a multiple solution here and I guess I screwed that up. Sorry.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now