SBS Certificate refuses to install in Trusted Root certificate Aut

Printable View

20-09-2007
Blerim

SBS Certificate refuses to install in Trusted Root certificate Aut

I’m running a SBS 2003 RE server with several XP Pro Clients, everything works fine with this setup. The problem appears with two Vista based computers. Let me explain. With the first Vista, I had to run Internet Explorer 7 as an administrator and install the SBS self signed certificate into the trusted root Certificate authority store. Everything works good. When I try to install the certificate on second Vista in the trusted root certificate authority it confirms that inport was successful but I cannot see it anywhere.

Not just this, when I try using OWA, I see the warning which restricts me using Outlook and RPC over http. I have no idea how to get it solved. Hope someone here can help me out for the same.
20-09-2007
Lucile

Re: SBS Certificate refuses to install in Trusted Root certificate Aut

Well it sounds strange. Can you just tell me if there is already a Certificate for your SBS site? If yes, then just delete it and issue will be fixed.
21-09-2007
Blerim

Re: SBS Certificate refuses to install in Trusted Root certificate

Thanks for the help Lucile. Yes, it was there before and I have already delete it. But when I try again I find it again there, don’t know from where is it coming. It allows me to import the intermediate store without any problem but not the trusted root certificate authority. What now?
21-09-2007
SidharthGore

Re: SBS Certificate refuses to install in Trusted Root certificate
Hello friend, just go through the following steps to fix it out:
- First of all apply the Hotfix provided in this KB http://support.microsoft.com/?id=926505
- Rerun the CEICW to configure the certificate again
- Reset IE7 on Vista client
- Finally follow the steps provided here http://support.microsoft.com/?id=931850
20-04-2010
Abdulmajid

thank you!

Anyone looking for the exact location of this setting:
1. Open Windows SBS Console.
2. Begin "Set up your Internet address" wizard.
3. Click Next, "I already have a domain name that I want to use.", Next, "I want to manage the domain name myself.", Next.
4. Enter your domain name then click "Advanced settings".
5. Change your domain prefix to match your cert.

This will change the SBS websites to use a self-signed cert so you have to run the "Add a trusted certificate" wizard again to use your 3rd party cert for these sites.
09-09-2010
showme

Re: SBS Certificate refuses to install in Trusted Root certificate Aut

Hi All,

I have quite a similar problem with SBS 2008.

The server's cert is said to be OK and is for the correct domain. However, if I try to import it then nothing happens (does not show up in the trusted root CA section nor elsewhere) despite IE sais the import was successful.

I compared this cert to SBS 2003 certs and found that now, there is this Key Usage field which has an exclamation mark next to it.

The only way I could get the cert into IE was to export it together with a secret key to a PFX file and import this on the Clients. This way the key usage had more values and the import was really successful.

Unfortunately, this solution is not enugh for the users.

I would appreciate any ideas.

Thanks,
Peter