Hi,
I'm fairly new administering ISS and certificates. I have an old Windows 2003 server (running IIS5, I believe) acting as an Exchange 2003 front-end server. The current certificate expires in a few days. For what it's worth, the current certificate is 1024-bit.
I have obtained a new 2048-bit UCC cert, which has 5 SAN (subject alternate names), one of which matches the server name I am trying to refresh above.
I have installed this new certificate into the local certificate store on the Windows 2003 server. I then go into ISS, find the 'Exchange Web Site', go into Properties > Directory Security > Server Cerfiticate and run through the wizard to replace the soon-expiring certificate. Once complete, I check the website (Outlook Web Access) and get 'Page cannot be displayed'.
So, I go back and put the old cert in place and the page is working again. Odd.
I then tried to remove the certificate from the site. After doing this I expected to see a message along the lines of 'you are trying to view a page without a valid certificate'. But again, I still just get 'page cannot be displayed'.
Any idea what I should look for? I have restarted IIS and the whole server, but it's still not playing well.
Thanks