<div>
Oh! &nbsp;There's no smart card logins being done on network. &nbsp;Just the typical user/password / domain login from these win 7 machines that are in the same office /Lan as server
</div>


<div>
Here's the full text of so failure log:<br />
<br />
Randazzo B-PC2 Backup report: 31-Jan-2016 15:30:00 service 100 service (build 59) started job by incremental trigger<br />
31-Jan-2016 15:30:00 service 104 5.2.3.37285 92A8-439C yXhIgXhtputN/TYx5c4mhw== 1057-4E4B-5E3C-9DA0-5F23-0<wbr />01C-C06B-3<wbr />0F9<br />
31-Jan-2016 15:30:00 service 509 Cannot get access to destination object<br />
31-Jan-2016 15:30:00 service 101 Cannot execute job (An untrusted certificate authority was detected While processing the smartcard certificate used for authentication. Please contact your system administrator. 0x80090352(2148074322))
</div>


<div>
the date / time is correct.<br />
<br />
poking around places I've rarely been to on the server, I see a self signed cert that expired 1/31/16 - today,when the problem started. &nbsp;<br />
<br />
Somewhere on the web I saw that you should run the fix my network wizard. Did that, rebooted server and still getting that error.<br />
<br />
Quite some time ago I got a message from Godaddy about a cert we have with them that should be rekeyed (from sha1 to sha2?) (if you got to remote.ourdomain.com the browser balks at the certificate). &nbsp; I did the rekey and now the browser is happy with the cert.<br />
<br />
But the desktop to server connection is using a different cert? &nbsp;How to fix that message that'an untrusted certificate authority was detected'.<br />
<br />
And by the way, is there a place you can point me to to learn about certs? intermediate, primary, self certs, my head hurts.
</div>


<div>
time &gt;&nbsp;$$ &nbsp; certainly!<br />
<br />
So I have an eternal cert from godaddy that I just rekeyed / reinstalled.<br />
<br />
I'm still getting that non trusted cert authority message when trying to access the server share from the desktop (using username / password credentials stored in shadow protect the username / password are NOT the user). &nbsp;do I delete any local certs? &nbsp;How do I stop having the server itself be the non-trusted cert authority? (I guess that's what the message is meaning? &nbsp;The server itself is not trusted?)
</div>


<div>
I went into admin tools IIS manager , clicked on default web site on left then on right colum, clicked on edit site / bindings. Here's what it looked like. &nbsp;8 entries not 2.<br />
<br />
after doing that screen capture,<br />
<br />
I wound up starting the admin tools / certificate authority.<br />
<br />
in there, clicked on the server name on left. &nbsp;then right click choose all tasks / renew CA authority.<br />
<br />
under properties for the server, there's 2 certs. both are current, 1 was created today.<br />
<br />
I really need to do this at night to go from a user PC to see if I broke something / fixed something.<br />
<br />
&gt;&gt;&gt;&gt;&nbsp; I'm just wandering around the different interfaces. Is there a way to learn what all this certificate stuff means / how it works / what I want to do?<br />
<br />
do these things look right?<br />
<br />
under the server, there's<br />
<br />
revoked certs - blank<br />
issued certs - 14 different ones. 11 have expired dates (can I delete them?)<br />
Pending certs - blank<br />
failed requests - 16, request dates 2012 to 2015. &nbsp;Can I delete these?<br />
certificate templates - 11 of these. I have no clue when these would be needed &nbsp;/ what I would do with them.
</div>


<div>
<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/02_w06/1079060/bindings.jpg" target="_blank" class="file-inline" title="binding in IIS mamager for default web site (39 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>bindings.jpg</a>
</div>


binding in IIS mamager for default web site

bindings.jpg

<div>
<a href="http://blogs.technet.com/b/askds/archive/2010/08/31/the-case-of-the-enormous-ca-database.aspx" rel="ugc">http://blogs.technet.com/b/askds/archive/2010/08/31/the-case-of-the-enormous-ca-database.aspx</a><br />
<br />
<a href="http://blogs.technet.com/b/xdot509/archive/2013/05/10/operating-a-windows-pki-removing-expired-certificates-from-the-ca-database.aspx" rel="ugc">http://blogs.technet.com/b/xdot509/archive/2013/05/10/operating-a-windows-pki-removing-expired-certificates-from-the-ca-database.aspx</a><br />
<br />
ok to delete failed &amp;&nbsp;pending. can you do it through the UI or have to use the command line? &nbsp;<br />
<br />
certutil –deleterow &lt;today’s date in mm/dd/yyyy format&gt; request
</div>


<div>
OK, I deleted failed, pending and expired from the command line (no option to do it in the GUI it seems.)<br />
<br />
in this picture, can I delete cert 0 since cert 1 will expire later and seems to do the same thing as 0.<br />
<br />
but we're still dealing with self signed certs here, right?<a href="https://filedb.experts-exchange.com/incoming/2016/02_w06/1079063/certs.jpg" target="_blank" title="do I need both certs? (167 KB)"><img alt="do I need both certs?" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2016/02_w06/800_1079063/certs.jpg" /></a>
</div>


certs.jpg

<div>
<div class="content wysiwyg-content">
Just started getting this as part of failures of shadow protect on all desktops saving continuous incrementals to a share on SBS 2011 standard server<br />
<br />
An untrusted certificate authority was detected While processing the smartcard certificate used for authentication. <br />
<br />
Any advice?
</div>
</div>


Just started getting this as part of failures of shadow protect on all desktops saving continuous incrementals to a share on SBS 2011 standard server

An untrusted certificate authority was detected While processing the smartcard certificate used for authentication. 

Any advice?

How to fix?

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

The term "Backup" means the methods and processes involved to copy computer data (system data as well as application data) to media other than the ones where the data originally live (disk, tape, optical, cloud). "Restore" in turn means the methods and processes involved in data recovery, i. e., bringing back copied computer data to their original location. Backup/Restore primarily serves as a means of protection against data loss, be it due to disaster, corruption or sabotage. It can also be used for recovering data from an earlier point in time and even for cloning machines or applications. There is a wide variety of backup/restore software available, from expensive commercial products to free or open source tools.

Storage Software

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Windows 7 is an operating system from Microsoft. Features include multi-touch support, a redesigned Windows Shell with a new taskbar, referred to as the Superbar, a home networking system called HomeGroup, and performance improvements.