Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS Certificate Error

Posted on 2016-08-22
7
Medium Priority
?
68 Views
Last Modified: 2016-08-23
Hi,

When my users are logging onto either OWA or outlook, they are getting an error which indicates a GoDaddy Certificate has expired. Do I have to buy a new certificate and install it or is there a way of self signing a certificate?

Thanks
SycamoreIT
0
Comment
Question by:SycamoreIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 10

Assisted Solution

by:Muhammad Mulla
Muhammad Mulla earned 1000 total points
ID: 41765146
There are ways of installing self-signed certs on SBS, but it is better and more secure to purchase/renew  an external cert.

https://blogs.technet.microsoft.com/sbs/2008/09/20/introducing-the-add-a-trusted-certificate-wizard-in-sbs-2008/

Or if you really want to go self-signed:

http://serverfault.com/questions/526221/renewing-sbs2011-exchange-self-signed-certificate-w-o-changing-home-page-in-ie
0
 

Author Comment

by:SycamoreIT
ID: 41765337
Im getting this -

[PS] C:\Windows\system32>Get-ExchangeCertificate A2170B014BF7B6064D3829D8A2A81A0E5D760131 | New-ExchangeCertificate |
able-ExchangeCertificate -services pop,imap,smtp,iis
WARNING: This certificate will not be used for external TLS connections with an FQDN of 'mail.company.com' because the
CA-signed certificate with thumbprint 'A2170B014BF7B6064D3829D8A2A81A0E5D760131' takes precedence. The following
receive/send connectors match that FQDN: Windows SBS Internet Receive SBS2011.

Confirm
Overwrite the existing default SMTP certificate?

Current certificate: 'D795186EFE726A43E99F4DF11C6CB6F512BD442D' (expires 22/10/2020 14:16:29)
Replace it with certificate: 'F66776444892DE0AF4FB12CF46250400381090C1' (expires 22/08/2021 15:07:27)
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"):

I dont think its the right certificate?
0
 

Author Comment

by:SycamoreIT
ID: 41765476
Odd, Ive checked all my certificates and none of them are expired?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 22

Expert Comment

by:David Atkin
ID: 41766456
Once you purchase the new certificate you will need to add it via the SBS Console using the Add a Trusted Certificate wizard.  Follow the instructions on screen - Its straight forward.

Adding it via the console will configure Exchange, IIS and the Remote Access Gateway.

Edit:
If it doesn't look like its expired then run the Fix My Network wizard to see if it finds any certificate errors.
0
 

Author Comment

by:SycamoreIT
ID: 41766706
Ive ran the Fix my Network and it offered to fix the cert which is reported back it did succesfully. Still got users complaining they cannot pickup their emails on there phones (mixture of driod/ios) - do they need to remove and add the account back in on there phones?
0
 
LVL 22

Accepted Solution

by:
David Atkin earned 1000 total points
ID: 41767047
No they shouldn't need to.  Can you re-check the certificate and confirm if its still the trusted one?
0
 

Author Closing Comment

by:SycamoreIT
ID: 41767145
Thank you both. All sorted.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question