Link to home
Start Free TrialLog in
Avatar of gsswho6
gsswho6Flag for United States of America

asked on

Security Certificate has expired

Hello All... Customer is getting the above message every time they open outlook... I checked their server which is SBS and noticed the certificate is expired... However it is not self assigned so I am not sure what to do... I cant seem to just renew it? It has never been setup with an SSL certificate from the outside and has been working fine for the last 3 years.... Should I purchase an outside SSL? Is there any quick instructions on what I should do? Remember everything resides on 1 server as it is small business server. Any help would be great as I believe they are currently receiving email but getting complaints of customers not receiving their replies!
Avatar of David Atkin
David Atkin
Flag of United Kingdom of Great Britain and Northern Ireland image


You need to purchase another third party certificate.  It is slightly different that renewing a self signed certificate but most providers have steps for you to follow.

See here for GoDaddys instructions for example:

Basically you open the Windows SBS Console on the server, navigate to the Network tab and the Connectivity sub-tab and launch the Add a Trusted Certificate connectivity task.  Follow the instructions from there.
Hi there, if its the exchange cert you can get a new one with the below code in the exchange shell...

Get-ExchangeCertificate <thumbprint> | New-ExchangeCertificate | Enable-ExchangeCertificate -services pop,imap,smtp,iis

Open in new window

You can get the thumbprint of the old cert with Get-ExchangeCertificate
Avatar of gsswho6


Thanks... Question... When installing this cert will it mess anything else up that is running on the SBS? I have heard horror stories about people SAGE stop working/etc...  Appreciate it.
Avatar of gsswho6


Let me give that shot GUY.
The Certificate will be applied to Exchange, IIS and Remote Gateway Server.

It won't cause any problems with Sage etc.

Do it via the SBS Console.  NOT Command line - The SBS Console will apply the certificates to all parts but the Exchange Command will not.
Avatar of gsswho6


I believe all the other certs SBS shows are self assigned TRUE and have expired dates like in 2020... Then the one expired show self assign FALSE and shows SMTP, IIS, POP, IMAP ....
Avatar of Guy Lidbetter
Guy Lidbetter
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
@David - what are all the parts you are referring to?
@Guy - Exchange, IIS and the Remote Desktop Gateway.

The correct way with SBS is via the console.  It can be done via command but the wizard is their for the Admins ease.
Well, as mentioned, if its just the exchange cert, as I suspect since Outlook is complaining... I've done it numerous times via the command with no issues.

However I have had issues with IE settings on desktops resetting when doing it via the admin console.
Avatar of gsswho6


Thanks GUY! That seemed to do this trick!