SBS2011 Fix my Network created a new certificate - did not update the certificate distribution package - IS it possible to export certificate from EMC to a cer format

The SBS2011 server had a certificate break, so "Fix my network" reported the problem and fixed it by making two new certificates.  The certificate distribution package in the public\download directory is not longer valid.

Problem:  Client access remotely with the https://mail.<domainname>.com/remote now get the RD gateway error - both win 7 and 8.  (old certificate has been removed from the browsers.

In the past, I have always rebuilt the certificate package by hand.  

I can see the certificate in EMC, How can I get that new certificate exported to a .cer  so I can then import it into the workstations. I've never been able to get the distribution package to update.  I just want to make sure that whatever I do does not cause a domino effect
JoemtAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ComputerTechieCommented:
Check this post they have good troubleshooting tips.
http://mobile.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28266166.html


Also I assume your not using a wildcard cert. Sbs2011 hate them

CT
0
JoemtAuthor Commented:
OWA works fine.  Once in Remote, the bookkeeper needs to "connect" to a workstation in the computers list.  THat's when I receive the RD gateway error. I need to install the correct certificate in order to "connect" to a computer in the list.

The cert in the "cert distribution package" is wrong and I can't export the cert from EMC.  The link you sent me is not the same issue and my outlook works fine.
RD-Gateway.jpg
view-cert.jpg
0
JoemtAuthor Commented:
If I were to go to a SSL Certificate from GoDaddy would that solve the issues I'm having?  Would that eliminate the need for the cert distribution package?
Questions:

1. How many certificates do I need (types).
2. do the go daddy certificates replace ALL the existing certificates. if so, do I remove them manually?
3. Procedure?
4. Anything else to know?

Thank you
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

JoemtAuthor Commented:
On on the configuration:

Single domain controller - SBS2011, we use OWA and remote , A true email exchange server.
0
ComputerTechieCommented:
We only use one cert for our sbs2011 server.
 We use remote.servername.com

What happen if they connect to remote.servername.com?

CT
0
JoemtAuthor Commented:
This server is set to mail.<domainname>.com  the only issue is I cannot get to the new certificate to install on the workstations.  The RD gateway message is generated because the certificate is not installed at the workstation.
0
JoemtAuthor Commented:
The package had the old certificate, not the new Certificate.  I have currently removed (cut and past ) the package off the server to prevent any of the users from trying to use it.  

I see these as my options:

1.  get the certificate exported to a .cer file, which I see no utility to do so in the EMC.
2. Some how get the get the certificate distribution package to update.  (Procedure that works?)
3. I need to purchase a ssl certificate form go daddy and install (never done this before and not sure of what I need - 1 certificate for single exchange server and works with OWA and Remote)

What is the best option?

What is my best option?
0
JoemtAuthor Commented:
Ok I have read /watch the suggested video.

1. Internet Address Management Wizard:  

IS it possible to run this wizard and not have it screw up my exchange server and Email?   This server is working fine, I just need to get a certificate to load in the remote access laptop. Our mail.<domainname>.com is established and I don't want it screwed up.

2. Purchasing a certificate from Godaddy.

If I purchase a ssl certificate,  (seems reasonable priced). Do I need just one certificate for the entire server (exchange emails, owa and remote (Iis).  Once installed on the server do the remote workstations still require the installation of the certificate or is the certificate simply accepted by the remote workstation
0
ComputerTechieCommented:
Once you install on the server you do not need to install on the workstations. This would keep it simple and I have purchased from godady before.

CT
0
JoemtAuthor Commented:
My biggest concern is to avoid disruption of (exchange) email services for the client.
Questions:

What exact certificate do I need to purchase from Go Daddy and how do I ensure it works with our set up? I need the exchange server to continue to received and send email. Client uses mail.<domainname>. com for OWA and Remote.

Do I tie all 4 services (IMAP, POP SMTP, IIS) to the certificate?
0
ComputerTechieCommented:
This should help answer you question and has expain which ssl and how to install.

It will not change the name of server or services in any way.

http://mobile.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27973020.html

CT
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JoemtAuthor Commented:
I did finally try the wizard and even though others reported it did not work it did work for me.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.