{"id":204,"date":"2018-05-08T17:03:46","date_gmt":"2018-05-08T15:03:46","guid":{"rendered":"http:\/\/zupertails.be\/wur\/?p=204"},"modified":"2018-05-08T17:03:46","modified_gmt":"2018-05-08T15:03:46","slug":"self-signed-server-certificate-has-expired-usually-in-sbs-environment","status":"publish","type":"post","link":"https:\/\/zupertails.be\/wur\/?p=204","title":{"rendered":"Self-signed server certificate has expired (usually in SBS environment)"},"content":{"rendered":"

\"\"If you’re born before 1990 (and if you’re in IT), you probably grew up with self-signed certificates.
\nThey give you a lovely fake feeling of security, but more than that, they will give users and the IT department horrible stress to configure.
\nIn “days of olde” (early 2000’s), an Exchange server was able to run over http traffic and a certificate was absolutely not required.<\/p>\n

Times have changed and so have security protocols. It’s ill-advised to use a self-signed certificate nowadays, as it is equally ill-advised to use a .local domain anymore on your domain controller.<\/p>\n

That being said, there’s a couple of ways to fix an expired self-signed certificate on a Windows SBS server. (read first, perform later, you’ll see why)<\/p>\n

Lazy mode<\/h2>\n

aka ‘fix my network’<\/em><\/p>\n

Open the SBS console, go to the ‘network’ menu and select the ‘Connectivity’ tab.<\/p>\n

\"\"<\/p>\n

Click ‘Fix my network’ and deselect everything except the certificate error, after this wizard stops scanning.<\/p>\n

\"\"<\/p>\n

The usual Next-Next-Next will follow and according to Microsoft, you’re good to go.<\/p>\n

HOWEVER…<\/p>\n

There’s a couple of things that can go wrong here :<\/p>\n