create a selfsign certificate with correct common name

I accidentally remove the old certificate in site 1 on my SBS 2011 server and now when I try to create a self sign ssl certificate with correct common name, it does not show up on the server certificate location.

Does anyone know how to restore the site 1 certificate so I can create a new one to replace it? or get around this issue?

I remove it using the iis6>server certificate  mmc to delete and the tool SelfSSL.exe to create the selfsign but only install on site 1 position.

Please help.
jason wAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Scott KunauSr. Consultant/Managing PartnerCommented:
When you say "site 1 certificate" do you mean the internal certificate authority certificate?

Have you tried using a windows-version of openssl to re-generate the certificate? Have you presented a new certificate signing request to the internal CA to generate a replacement/new certificate? If so, does that CSR appear so you can "finish" it?

Scott
Hypercat (Deb)Commented:
Try running the Fix My Network wizard.  I think this will create a new certificate for you.
systechadminConsultantCommented:
you just create selfsign certificate from IIS 6 only... that should work
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

Scott KunauSr. Consultant/Managing PartnerCommented:
Agreed...should be able to start a CSR from IIS 6...present it to the CA via the MMC snapin, mint the cert and re-present it back to IIS for consumption.
MASEE Solution Guide - Technical Dept HeadCommented:
Try running this command. Exchange Server has a CA installed. You can generate from the server itself. Replace cn=mail.contoso.com" and "autodiscover.contoso.com" with your name
New-ExchangeCertificate -KeySize 2048 -SubjectName "c=US, s=SANFrancisco, I=Safat, o=MS, ou=IT, cn=mail.contoso.com" -Domainname autodiscover.contoso.com, mail.contoso.come -PrivateKeyExportable $True)

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jason wAuthor Commented:
Hi guys,

Thanks for all your help, at the end I give up and lodge a call with Microsoft.
Seems it was a corrupt certificate store, they had to manually import the certificate to store and run the repair.
Seems to be ok after.
I don't remember to command line to do the repair but you need the certificate serial number to do the repair.
Thanks
MASEE Solution Guide - Technical Dept HeadCommented:
@jason w
We proposed the same. Anyway glad to know its fixed.
MASEE Solution Guide - Technical Dept HeadCommented:
Enough information to confirm answer.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.