Certificate errors in SBS 2011
I am using SBS 2011 and getting a message about "The certificate that is helping to secure your website traffic will expire in less than two weeks. Before then, run the "Fix My Network Wizard" from the connectivity subtab on the network page of the Windows SBS console.
I did that but I am still getting the error message. I checked the certificate tool and I see the list in the attached file. It looks like I have multiple certificates that I may not need and that may be keeping me from fixing this problem. I uploaded that file.
CertificateIssues.rtf
I did that but I am still getting the error message. I checked the certificate tool and I see the list in the attached file. It looks like I have multiple certificates that I may not need and that may be keeping me from fixing this problem. I uploaded that file.
CertificateIssues.rtf
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help. I have numerous certificates under IIS Server Certificates. Some are current and some are old. Can I delete the old ones? (also, I could not upload a list of the certs in IIS but it looks very similar to the file I uploaded)
Go to the Remote Web Access URL: https://remote.domain.com/remote with a browser that allows you to look at the certificate and its details.
Check the expiry date.
Given the age of SBS 2011 I suggest doing the following to renew:
+ Open IIS Manager
+ Create a new certificate request:
++ Common Name = URL
++ Set bit depth to 2048
++ Save to C:\Temp\2019RemoteSSL_CSR.
+ Purchase a certificate (we use GoGetSSL --> RapidSSL for ours)
+ Drop the CSR and approve the request via e-mail
+ Once the new certificate comes in copy and paste the contents into a new NotePad session
+ Save the file to C:\Temp\2019-RemoteSSL_SSL
+ In IIS COMPLETE the certificate request
+ Select the above file (need *.* all files in TYPE)
Once the above process is complete then use the Third Party Trusted Certificates wizard in the SBS Console and choose the option "Certificate Located on this Server". It will do its thing. Done.
Check the expiry date.
Given the age of SBS 2011 I suggest doing the following to renew:
+ Open IIS Manager
+ Create a new certificate request:
++ Common Name = URL
++ Set bit depth to 2048
++ Save to C:\Temp\2019RemoteSSL_CSR.
+ Purchase a certificate (we use GoGetSSL --> RapidSSL for ours)
+ Drop the CSR and approve the request via e-mail
+ Once the new certificate comes in copy and paste the contents into a new NotePad session
+ Save the file to C:\Temp\2019-RemoteSSL_SSL
+ In IIS COMPLETE the certificate request
+ Select the above file (need *.* all files in TYPE)
Once the above process is complete then use the Third Party Trusted Certificates wizard in the SBS Console and choose the option "Certificate Located on this Server". It will do its thing. Done.
ASKER
Thanks for the instructions. What Type of certificate do i choose at Rapid SSL. They have many choices. I've requested info from them but they haven't responded.
The least expensive 1 or 2 year option is what we choose. Something like $5 or $7 per year? That's all that is needed.
ASKER