Renew Self Signed Cert SBS 2008

Good day folks. I received this error:

"There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of SBSERVER01.mydomain.local. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of SBSERVER01.mydomain.local should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task."

A couple weeks ago I renewed the UCC SSL certificate for server.domain.com. And since there has been an "industry decision" to no longer include .local or intranet domain names within the SANs of SSL certificates, I'm now receiving an error about the self-signed certificate since my FQDN is server.domain.local

Normally this wouldn't be too big of a deal, but since we're dealing with SBS 2008 this makes the things a little different.

All of the AutoDiscover URLs, EWS, OAB, and critical virtual directories of Exchange are all pointed to the server.domain.com and not the .local. Yet the event viewer is still throwing up this error like it's going to cause a disruption in mail flow. I'm not sure I should believe it or not, but I'd like to at least renew the self signed cert.

I would normally accomplish this by using the SBS Console. However since SBS is wizard driven, I have a feeling generating a self signed cert through the "Add a trusted certificate" wizard, it will completely overwrite the cert I just renewed for the .COM.

Any advice would be greatly appreciated. Thank you.
cardscompAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cardscompAuthor Commented:
I was able to resolve the issue simply by opening the Exchange Management Shell and running the "New-ExchangeCertificate" cmdlet.

It specifically said that "This certificate WILL NOT be used for external TLS connections" which is exactly what I wanted to avoid. Simply run that command and everything is good to go.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nashim khanExchange AdministratorCommented:
Hi,

Please see the below link it will guide you for SBS.

http://www.petenetlive.com/KB/Article/0000535.htm

Thank you.
0
cardscompAuthor Commented:
It made the error go away.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.