RE: Getting rid of a rogue SSl certificate
- From: "Godfrey Nicholson" <godfrey at ofektech dot com>
- Date: Mon, 11 Apr 2005 01:20:02 -0700
Charles:
I have never understood what you mean when you say this:
"Find the SSLCertHash under the companyweb site (should be /lm/w3svc/4) and
replace the one that is there with the one copied."
Find it where?
I have replaced IIS but it makes no difference. The strange certificate is
still there, blocking any attempt to do an https://mydomain/remote connection
to the server.
I have wondered whether it is something that has been stuck in IS. Would it
make a difference to uninstall and reinstall IS?
Godfrey
""Charles Yang [MSFT]"" wrote:
> Hi Godfrey,
>
> Welcome to this SBS newsgroup.
>
> According to your description, I understand that you want to delete a rogue
> certificate in the SBS 2003. If I am off base, please let me know.
>
> Based on my research, I would like you follow the steps to remove the
> certificate:
>
> 1. Open IIS Manager mmc
> 2. Right click the Properties of companyweb.
> 3. In the Drectory Security tab, click Server Certificate and select
> Remove Certificate.
>
>
> If above does not work.. you may try the following to at least be able to
> remove the certificate information from the companyweb site.
> 2. Make a backup of the IIS metabase , (Open the IIS node in the
> server management, then right click on the Server name and select All Task/
> Backup/Restore Configuration)
> 2. In the IIS node right click on the Server name then choose
> properties check the box for Enable Direct Metabase Edit.
> 3. Open \%systemroot%\system32\inetsrv\metabase.xml in notepad.
> 4. Edit/find and search on SSLCertHash should find a reference in the
> /lm/w3svc/1 location..Edit/copy the SSLCertHash line Find the SSLCertHash
> under the companyweb site (should be /lm/w3svc/4) and replace the one that
> is there with the one copied.
> 5. Save the files.
> 6. In the IIS node right click to choose the properties on the
> servername and uncheck the box for Enable Direct Metabase Edit.
>
> You should be able to now view the certificate on the companyweb
>
> Hope the above information helps, if you have any issue, please let me
> know. I am standing by to help you.
>
> Best regards,
>
> Charles Yang (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
.
- Follow-Ups:
- RE: Getting rid of a rogue SSl certificate
- From: "Charles Yang [MSFT]"
- RE: Getting rid of a rogue SSl certificate
- Prev by Date: Company web 2003
- Next by Date: Re: RAID for backup. RAID 5 or RAID 1?
- Previous by thread: Company web 2003
- Next by thread: RE: Getting rid of a rogue SSl certificate
- Index(es):
Relevant Pages
|
