SBS2011 Sites Certificate Expired

Quickie post – I’ve ran into a handful of servers since SBS2008 that have their Sites certificate expired and this results in a handful of event log messages and other annoyances. It a customer actually uses the Sharepoint service built-in, obviously the site won’t work properly using HTTPS because … well, the certificate is expired.

Reissuing this is pretty easy using the following steps:

  1. Open the IIS Manager on the SBS Server
  2. Click on the server name in the left-hand side tree (see image @ #4)
  3. Double-click SSL Certificates, which opens that section
  4. Click New Domain Certificate as shown:
    sbs2011sitescert1
  5. Enter information on the certificate noting that the Common Name should be Sites:
    sbs2011sitescert2
  6. On the next screen, select the Domain’s certificate authority and enter a friendly name:
    sbs2011sitescert3
    Note: To my knowledge, all SBS services come with AD Certificate Services installed, which is the basis for this whole article
  7. The certificate is now available to IIS. Review your IIS Site bindings and move any sites using the oldĀ Sites certificate to the one you just creased.
  8. Don’t forget to delete the old Sites certificate off the machine or you’ll get warnings in your Application log about it being expired.

Pretty easy!