Link to home
Start Free TrialLog in
Avatar of Jaroslav Latal
Jaroslav LatalFlag for Czechia

asked on

SBS 2011 expired certificates

Dear experts,

I do not experience any problems with my SBS 2011 server. "Fix my network" wizard doesn't any error.

But...
When I open IIS certificates or exchange certificates, I see few expired certs. You can see it on attached screenshots.
Is it safe to remove them?

There are all "CN=sites" certs expired.
Then there are another 3 certs with long subject, something like "CN=servername@domain.com, CN=mail.domin.com, CN=something.domain.com, ..."


Regards,
Jarda
cert-IIS.png
cert-exchange.png
Avatar of Michael Chisholm
Michael Chisholm
Flag of United States of America image

You can remove them as you should have gotten a connection error if you were using the services.  I would be caution and verify this or, this would be what I would do,  create new certs to take their place before removing them to ensure proper security and functionality. Then remove the expired certs.
Avatar of Systech Admin
before removing the certs please verify if they are not used by any exchange services. check the certs installed on Exchange server.
To update my previous comment, the certificates are attached to SMTP in your images.  You also have a non expired cert attached to SMTP which is what the server should be publishing. You should be able to delete without an issue.
Avatar of Jaroslav Latal

ASKER

Correct me if I'm wrong.

I have to check SMTP service whether it uses some of the expired certs, right?
And how can I check it? I didn't find it in Exchange Management Console..

Should I remove certs from Exchange management Console or IIS or MMC (certificates) console?


Regards,
Jarda
ASKER CERTIFIED SOLUTION
Avatar of Michael Chisholm
Michael Chisholm
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi Michael, I just removed expired "sites" cert from EMC. It disapeared automatically from IIS and MMC (local computers personal certs).

Thanks for help.


Regards,
Jarda
Glad to hear everything worked out for you. I love working with exchange and hope that in the future I can be of assistance if needed.