question

CarlBurch-7484 avatar image
0 Votes"
CarlBurch-7484 asked CarlBurch-7484 commented

DC certificate expired?

This makes no sense to me. Running Server 2019 that was cleanly installed a few days ago on PowerEdge T710 server. Downloaded/installed OpenManage and I can't log in to it because it says the certificate is expired. Huh?
When I check the cert in the browser, it shows SERVERNAME. The website I'm connecting to is https://SERVERNAME:1311
The cert is issued to SERVERNAME and was issued by SERVERNAME. But this domain controller is not a CA, nor does it have the CA role installed.
When I run CERTLM.MSC and can not find any certificate in the personal store or trusted roots store named SERVERNAME. So I'm wondering where the browser is getting this cert from, and (more importantly) since it's only valid for like a week (which has expired) how to I either renew this certificate, or get a new one issued by SERVERNAME?

windows-server-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

cthivierge avatar image
0 Votes"
cthivierge answered CarlBurch-7484 commented

By default, when you install a Windows Server, it does not have any certificate issued to the server itself, even if you install the ADDS role, no certificate will be installed.

My guess is that you have installed a 3rd party software that has created a self-signed certificate and this certificate has a 1 week of validity.

You've mentioned Dell Open Manage... if i remember, this application install a Self Signed Certificate. I would look at this thread
https://www.dell.com/community/Dell-OpenManage-Enterprise/Replace-DellEMC-OpenManage-Enterprise-self-signed-certificat/td-p/6212031

hth

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks cthivierge. Your reference got me to thinking that maybe I don't have the most current version of OpenManage. Turns out, I had version 8.?. Uninstalled that one then downloaded/installed version 9.3 and that seems to have solved the problem. The self-generated cert has a validity period of 2 years. Installed it in trusted roots, and all works fine now.
-Carl

0 Votes 0 ·