Quick Fix: SBS 2008 ‘Sites’ Self Signed Certificate Expired
December 7, 2011 23 Comments
I had a call today from a partner IT firm who we work with sometimes that had an issue on an SBS 2008 Server. One of the default SSL Certificates had expired, and in turn knocked out Sage 200 that was installed and running on this server. Sage links into the Default website and some of its operations require an SSL certificate. I wont pretend to understand what or why or even how because what i know about Sage can be written on top of a pin head with a power drill.
However, i did manage to help said partner replace his SSL Certificate and make Sage a happy bunny again.
Firstly i found that on my own SBS 2008 server,
the sites Certificate was also Expired.
I tried a few different ways i know to renew the certificate, which all failed. This included using the Certificates MMC for the computer account, using IIS to try to renew the certificate directly, or creating a renewal request and submitting that to the SBS-CA.
Next i decided if i can’t renew, let’s just make a new one.
So on the right hand side of the IIS Server Certificates applet, there is an option to ‘Create a Domain Certificate’
You will need to fill out all of the fields. Note that only the Common Name field is relevant (as far as i can tell anyway) Click Next when done.
On the next page you need to click on Select, and choose the only available Certificate Authority, which should be easily recognisable, given it will be the only one in the list.
Then enter a friendly name. This name is just so you can recognise the certificate in a list of all the other available certificates and is not tied to any value within the SSL at all.
Click on Finish when done.
You will now see your new SSL showing in the list.
(you can see i had a few goes at this to make sure i got it right)
Next we need to change the binding of the site that is using the expired SSL certificate.
Select the website you need to edit, in the case of Sage it is the Default Website.
On the right hand side, click on Bindings.
Under Bindings, select the HTTPS binding, and then use the drop down menu to select an SSL Certificate.
Click on OK to confirm and acknowledge any warning messages you may receive.
(Disclaimer, i cant tell you what the warnings are because i am not running Sage on my server, but rest assured i will not take any responsibility for anything that goes wrong and by reading this disclaimer in your head or out loud you have waived any legal responsibility on my part in perpetuity throughout the universe)
Moving on, you may want to just restart the website..
Your website is now running the new SSL Certificate, and any issues with Sage are now there own fault and you should probably call them.
I hope i am not giving off any Anti Sage vibe…
A while back i found this neat Sage installation guide which gives some good instruction on Installing Sage on an SBS Server. Not sure who the company is hosting the link, but i found it on Google so it’s fair game..
Hope this was useful.