Avatar of MixManMash
MixManMash
 asked on

SBS 2003 - Outlook Anywhere/HTTPS (Outlook 2010) renew certificate problems

Hi Experts,

The self-signed certificate created using the CEICW tool on our SBS 2003 expired on the weekend.  I tried running the CEICW tool with the following options:
1. Do not change connection type
2. Allow following web site services from internet (OWA, Outlook Mobile Access, Outlook via the Internet).
3. Create a new Web server certificate - domain name xxxxxx.yyyyyyyy.zzz
4. Do not change Internet e-mail configuration

The process succeeded.  However, on the client machine, I installed the new certificate in the Trusted Root Certification Authorities as I have done in the past and Outlook 2010 keeps giving me Error 8 (There is a problem with the proxy server's security certificate.  The security certificate is not from a trusted certifying authority.  Outlook is unable to connect to the proxy server xxxxxx.yyyyyyyy.zzz).  Even after installing the certificate, Internet Explorer keeps stating there is a problem with the certificate.

I am going to bring one of my old remote machines into the office later today to compare the old certificate on the client machine with the new certificate to see if any of those things could be my issue.

I look forward to any help you can provide and thanks in advance.
ExchangeMicrosoft IIS Web ServerWindows Server 2003Outlook

Avatar of undefined
Last Comment
MixManMash

8/22/2022 - Mon
Scott C

The answer is in the message... "The security certificate is not from a trusted certifying authority.".  A self-signed cert is not from a trusted CA.

Self-signed certs are no longer supported over the internet.

You need to purchase a cert from GoDaddy, VeriSign or some other trusted CA and install it.
Scott C

You also really need to retire the 2003 SBS.  It is no longer supported and hasn't been for over a year.

There are no more patches or updates being made.  

If you have an issue and need to call MS, all they are going to tell you is you need to upgrade.
MixManMash

ASKER
Oh, I agree that SBS 2003 needs to be retired and we are going to be in the process of replacing it.

I didn't realize that self-signed certificates are no longer supported.  It's interesting because this was a non-issue until the certificate expired on the weekend.
Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER CERTIFIED SOLUTION
Scott C

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
MixManMash

ASKER
Awesome.  Thank you very much Scott.
MixManMash

ASKER
Very helpful and prompt response.  This helped me to solve my issue quickly.
Scott C

Glad I could help.

Also, remember there isn't a direct upgrade path from Exchange 2003 to Exchange 2013/2016.

You will either have to migrate to Exchange 2010 then up from there or export mailboxes to .PSTs then import them into the new environment.

I'm doing one of those right now.  They are going from Exch 2007 to 2016.  Fun...fun....fun....
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
MixManMash

ASKER
I'm so tired of hosting our own Exchange that we are going to Office 365.  For the 10 or so users that we have, I think it makes the most sense.  We don't have any formal IT department being a smaller organization, so I handle most of the IT stuff along with the other hats that I wear.