SBS2011 Fix my Network created a new certificate - did not update the certificate distribution package - IS it possible to export certificate from EMC to a cer format

The SBS2011 server had a certificate break, so "Fix my network" reported the problem and fixed it by making two new certificates.  The certificate distribution package in the public\download directory is not longer valid.

Problem:  Client access remotely with the https://mail.<domainname>.com/remote now get the RD gateway error - both win 7 and 8.  (old certificate has been removed from the browsers.

In the past, I have always rebuilt the certificate package by hand.  

I can see the certificate in EMC, How can I get that new certificate exported to a .cer  so I can then import it into the workstations. I've never been able to get the distribution package to update.  I just want to make sure that whatever I do does not cause a domino effect
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Check this post they have good troubleshooting tips.

Also I assume your not using a wildcard cert. Sbs2011 hate them

JoemtAuthor Commented:
OWA works fine.  Once in Remote, the bookkeeper needs to "connect" to a workstation in the computers list.  THat's when I receive the RD gateway error. I need to install the correct certificate in order to "connect" to a computer in the list.

The cert in the "cert distribution package" is wrong and I can't export the cert from EMC.  The link you sent me is not the same issue and my outlook works fine.
JoemtAuthor Commented:
If I were to go to a SSL Certificate from GoDaddy would that solve the issues I'm having?  Would that eliminate the need for the cert distribution package?

1. How many certificates do I need (types).
2. do the go daddy certificates replace ALL the existing certificates. if so, do I remove them manually?
3. Procedure?
4. Anything else to know?

Thank you
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

JoemtAuthor Commented:
On on the configuration:

Single domain controller - SBS2011, we use OWA and remote , A true email exchange server.
We only use one cert for our sbs2011 server.
 We use

What happen if they connect to

JoemtAuthor Commented:
This server is set to mail.<domainname>.com  the only issue is I cannot get to the new certificate to install on the workstations.  The RD gateway message is generated because the certificate is not installed at the workstation.
JoemtAuthor Commented:
The package had the old certificate, not the new Certificate.  I have currently removed (cut and past ) the package off the server to prevent any of the users from trying to use it.  

I see these as my options:

1.  get the certificate exported to a .cer file, which I see no utility to do so in the EMC.
2. Some how get the get the certificate distribution package to update.  (Procedure that works?)
3. I need to purchase a ssl certificate form go daddy and install (never done this before and not sure of what I need - 1 certificate for single exchange server and works with OWA and Remote)

What is the best option?

What is my best option?
JoemtAuthor Commented:
Ok I have read /watch the suggested video.

1. Internet Address Management Wizard:  

IS it possible to run this wizard and not have it screw up my exchange server and Email?   This server is working fine, I just need to get a certificate to load in the remote access laptop. Our mail.<domainname>.com is established and I don't want it screwed up.

2. Purchasing a certificate from Godaddy.

If I purchase a ssl certificate,  (seems reasonable priced). Do I need just one certificate for the entire server (exchange emails, owa and remote (Iis).  Once installed on the server do the remote workstations still require the installation of the certificate or is the certificate simply accepted by the remote workstation
Once you install on the server you do not need to install on the workstations. This would keep it simple and I have purchased from godady before.

JoemtAuthor Commented:
My biggest concern is to avoid disruption of (exchange) email services for the client.

What exact certificate do I need to purchase from Go Daddy and how do I ensure it works with our set up? I need the exchange server to continue to received and send email. Client uses mail.<domainname>. com for OWA and Remote.

Do I tie all 4 services (IMAP, POP SMTP, IIS) to the certificate?
This should help answer you question and has expain which ssl and how to install.

It will not change the name of server or services in any way.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JoemtAuthor Commented:
I did finally try the wizard and even though others reported it did not work it did work for me.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.