Kim Van Rymenant
asked on
About 2 exchange certificates
Hey Experts,
I have inherited a small business customer who's only server is a SBS2011 (25clients).
The SBS on premise exchange server is heavily used, and as it has been some time I've still had to maintain an exchange 2010 I've lost a bit of knowledge about these inhouse mailservers.
I've noticed 2 warning events popping up from eventvwr with eventid 26: exchange web services, informing me that 2 exchange certificates will be expiring soon.
When I check the services they are used for, it says they are used for nothing. (check attachment)
I'm someone who likes this to be as clean as possible, so can I just delete these?
Or will I need to renew? And if so, whatfor?
Please advise!
Kind regards,
Kim
expertsexchange.jpg
I have inherited a small business customer who's only server is a SBS2011 (25clients).
The SBS on premise exchange server is heavily used, and as it has been some time I've still had to maintain an exchange 2010 I've lost a bit of knowledge about these inhouse mailservers.
I've noticed 2 warning events popping up from eventvwr with eventid 26: exchange web services, informing me that 2 exchange certificates will be expiring soon.
When I check the services they are used for, it says they are used for nothing. (check attachment)
I'm someone who likes this to be as clean as possible, so can I just delete these?
Or will I need to renew? And if so, whatfor?
Please advise!
Kind regards,
Kim
expertsexchange.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Dear Wayne88,
There are no known services attached to the certificates, as shown in the screenshot.
The Get-ExchangeCertificate
I guess I can safely delete, as apparently there's only one used?
Please confirm?
Kind regards,
Kim
There are no known services attached to the certificates, as shown in the screenshot.
The Get-ExchangeCertificate
I guess I can safely delete, as apparently there's only one used?Please confirm?
Kind regards,
Kim
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I just checked and, no they don't end with that thumbprint.
Can I assume that it was my predecessor messing around trying to create a self-signed cert, having issues with the owa IIS not willing to cooperate (certification errors popping up), and that the decision was made to get an external authority to provide a valid certificate?
Can I assume that it was my predecessor messing around trying to create a self-signed cert, having issues with the owa IIS not willing to cooperate (certification errors popping up), and that the decision was made to get an external authority to provide a valid certificate?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Dear Wayne88,
thanks for the helpful replies.
I'll delete the certificates this week, and keep you informed!
thanks for the helpful replies.
I'll delete the certificates this week, and keep you informed!
Hi Kim, sure and keep us updated. Thanks for getting back.
ASKER
Dear Wayne88,
exchange certificates deleted, no issues came up.
Thanks for the confirmation!
Kudos to you!
Greetings!
Kim
exchange certificates deleted, no issues came up.
Thanks for the confirmation!
Kudos to you!
Greetings!
Kim
You're welcome Kim and thanks for getting back! Cheers!
dont use self signed certs use Godaddy or competitor level wildcard certs and SSL your exchange EWS urls autodiscover etc from the one wildcard cert.
self signeds are for cowboys in my opinion. #1