Managing Certificates

Updated: July 22, 2009

Applies To: Windows SBS 2008, Windows Small Business Server 2011 Standard

A certificate contains data that is used to verify the identity of the server and to encrypt information that is exchanged over a non-secure network, such as the Internet. You may purchase a trusted certificate from a certificate provider, or you may use a self-signed certificate, which you can generate in Windows SBS 2008. All of the supported domain name providers also offer Web certificates.

The status of the certificate on Windows SBS 2008 may be in one of four states:

  • Self-issued   A self-issued root certificate is created during installation, and it is renewed when you run the Fix My Network Wizard. A self-issued leaf certificate is created or updated based on the root certificate when you run the Internet Address Management Wizard and provide the domain name. Users must install a self-issued certificate on remote computers and devices by using the certificate installation package.

  • Trusted   A trusted certificate is purchased from a certificate authority. A certificate authority establishes and verifies the authenticity of your server or the identity of your organization. After you configure Windows SBS 2008 to use a trusted certificate, it is not necessary for users to install a certificate on remote computers and devices. This certificate helps ensure that connections from Internet-enabled computers and devices are trusted and secure.

  • Request pending   If the status of the certificate is “Request pending,” a trusted certificate has been requested from a certificate authority, but it has not been installed on the server. The server continues to use the self-issued certificate until the trusted certificate is received from the certificate authority and installed on the server. If you do not want to finish the request, it is recommended that you remove the request.

  • Unknown   If the status of the trusted certificate is unknown, there is an issue with the trusted certificate. You may need to reinstall the trusted certificate or there may be an issue with an intermediate certificate in a certificate chain. Contact the certificate authority to ensure that the certificate is installed correctly.

For information about managing certificates on Windows SBS 2008, see the following topics: