This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Certificate expired

Hello everyone,

 

I need a little help here.

 

When I first installed the server 2018, I had to create an SSL certificate in the process with IIS.

I was a little rushed to install everything and make it work and i didn't really notified the expiring dates.

 

So my problem is the certificate has expired and i'm not sure how i should manage that.

Do i have to create a new certificate in IIS again or try to extended it ? Do i need to create a new configuration package ?

because for now, new computers are not able to sync with the server.

 

I was reading the installation document this morning and I'm not really sure if i have to do the same thing as before.

I would like if possible, a procedure to fix that issue.

 

 

thank you very much,

Pascal



This thread was automatically locked due to age.
Parents Reply Children
  • Hi - This solution doesn't really answer your question about renewal of the IIS cert, this is guidance for the initial setting up and binding. There IS guidance about renewal of the Company Cert (https://community.sophos.com/kb/en-us/116791) but I can't find any about IIS as you've asked. I have though logged a call with Sophos as I have the same query too and wish to resolve the same thing! If I get a reply I'll update you. I would like to imagine it "should" be as simple as a CSR on the server and installing the new cert - assuming nothing like hostname/DNS has changed! I have a mixed estate here (Mac AND Windows) so it's going to be a little more challenging as the cert resides on my Mac clients - but I'll keep you updated with what they advise!

  • Hello Michael,

     

    indeed, i tried to do as mentioned but it didn't work.

    i will place a call with Sophos because it is impacting all new user and the sync is not working anymore.

     

    thanks for your reply

  • Ok i finally fixed the problem.

    1. create a new certificate with Safeguard Certificate Manager.

    2. Import it into your organization Trusted Root Certificates.

    3. Export it again but from your Company certificates

    4. import the certificate to Safeguard Server IIS.

    5. Edit the Biding settings for HTTPS, select the new Certificate.

    6. Install the Certificate on computers manually and / or push by GPO

    7. Resync Safeguard Client on computer.

  • Well done - Good work. I'd still like Sophos's official line on this. I also have Mac clients so won't be quite so easy to push certs to them in the particular configuration we have!

    I'd like to see it done with a CSR too, rather than a new cert.

    Thanks for the update and well done again for sorting it!