Security Certificate has expired

Hello All... Customer is getting the above message every time they open outlook... I checked their server which is SBS and noticed the certificate is expired... However it is not self assigned so I am not sure what to do... I cant seem to just renew it? It has never been setup with an SSL certificate from the outside and has been working fine for the last 3 years.... Should I purchase an outside SSL? Is there any quick instructions on what I should do? Remember everything resides on 1 server as it is small business server. Any help would be great as I believe they are currently receiving email but getting complaints of customers not receiving their replies!
gsswho6Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David AtkinTechnical DirectorCommented:
Hello,

You need to purchase another third party certificate.  It is slightly different that renewing a self signed certificate but most providers have steps for you to follow.

See here for GoDaddys instructions for example:
http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html

Basically you open the Windows SBS Console on the server, navigate to the Network tab and the Connectivity sub-tab and launch the Add a Trusted Certificate connectivity task.  Follow the instructions from there.
0
Guy LidbetterCommented:
Hi there, if its the exchange cert you can get a new one with the below code in the exchange shell...


Get-ExchangeCertificate <thumbprint> | New-ExchangeCertificate | Enable-ExchangeCertificate -services pop,imap,smtp,iis

Open in new window



You can get the thumbprint of the old cert with Get-ExchangeCertificate
0
gsswho6Author Commented:
Thanks... Question... When installing this cert will it mess anything else up that is running on the SBS? I have heard horror stories about people SAGE stop working/etc...  Appreciate it.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

gsswho6Author Commented:
Let me give that shot GUY.
0
David AtkinTechnical DirectorCommented:
The Certificate will be applied to Exchange, IIS and Remote Gateway Server.

It won't cause any problems with Sage etc.

Do it via the SBS Console.  NOT Command line - The SBS Console will apply the certificates to all parts but the Exchange Command will not.
0
gsswho6Author Commented:
I believe all the other certs SBS shows are self assigned TRUE and have expired dates like in 2020... Then the one expired show self assign FALSE and shows SMTP, IIS, POP, IMAP ....
0
Guy LidbetterCommented:
If you have never had an external cert there is no need to go purchasing one now...

If its the server cert thats the issue do the following

Start the Windows SBS2011 Standard Console
Click on the Network icon in the top bar
Wait for the panel in the right to become active and then click on 'Fix My Network'
Let the wizard search for problems.
One of the problems it should find is the expired certificate.
Clear all the checkboxes except the certificate one and click Next
This will then re-issue a new self signed certificate on the server.

Regards

Guy
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Guy LidbetterCommented:
@David - what are all the parts you are referring to?
0
David AtkinTechnical DirectorCommented:
@Guy - Exchange, IIS and the Remote Desktop Gateway.

The correct way with SBS is via the console.  It can be done via command but the wizard is their for the Admins ease.
0
Guy LidbetterCommented:
Well, as mentioned, if its just the exchange cert, as I suspect since Outlook is complaining... I've done it numerous times via the command with no issues.

However I have had issues with IE settings on desktops resetting when doing it via the admin console.
0
gsswho6Author Commented:
Thanks GUY! That seemed to do this trick!
0
Guy LidbetterCommented:
Pleasure!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.