it-pro
asked on
SBS 2011 Renew Self Signed Certificate - Update Installer Package
I have an SBS 2011 Site where I was getting the Warning "Leaf certificate expiring"
Site is running the standard SBS Self signed certificate
I ran the "Fix Network" from console and the Certificate renewed Fine. Then I ran the Installed Trusted Certificate wizard and selected the new cert because SBS does not update the console as per
http://www.itsupportkb.com/sbs2011/sbs-2011-self-signed-certificate-not-updating-in-sbs-console-after-renewal
Question is how do I update the "Install Certificate Package" all my research show me having to do this manually via IE;
"To update the install package SBSCertificate.cer file > on non-domain joined system > run IE as administrator > open OWA site > import cert into IE > in IE options > content tab > certificates > find certificate and export as SBSCertificate.cer > save into Certificate Distribution Package folder after renaming the old cer file."
This is a real pain how do I just update the package to include the new cert ??? as it was originally.
Site is running the standard SBS Self signed certificate
I ran the "Fix Network" from console and the Certificate renewed Fine. Then I ran the Installed Trusted Certificate wizard and selected the new cert because SBS does not update the console as per
http://www.itsupportkb.com/sbs2011/sbs-2011-self-signed-certificate-not-updating-in-sbs-console-after-renewal
Question is how do I update the "Install Certificate Package" all my research show me having to do this manually via IE;
"To update the install package SBSCertificate.cer file > on non-domain joined system > run IE as administrator > open OWA site > import cert into IE > in IE options > content tab > certificates > find certificate and export as SBSCertificate.cer > save into Certificate Distribution Package folder after renaming the old cer file."
This is a real pain how do I just update the package to include the new cert ??? as it was originally.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Basically the link is unnecessary and shows a fundamental misunderstanding of the root/leaf system that most certificates use and how SBS implemented it to make admin of SBS easier.
ASKER
Thanks - just also found this that confirms what you saying.
https://www.experts-exchange.com/questions/27470682/SBS-2011-IAMW-not-updating-Self-Certificate-package.html
So If I had a new Non Domain PC, I would just run the old dated Installer, and that would work right.?
https://www.experts-exchange.com/questions/27470682/SBS-2011-IAMW-not-updating-Self-Certificate-package.html
So If I had a new Non Domain PC, I would just run the old dated Installer, and that would work right.?
Correct.