First of all I am pretty new to certificates. Besides that, I had to translate all from a computer running dutch Windows. Excuse me in advance if I mistake. This is my problem: I have installed an SBS 2008 server in a small LAN. The server is a DMZ host behind a router (forwarding ports didn't work) running NAT. During installation a self-issued certificate was created: Issued to remote.companyname.com, Issued by companyname-servername-CA. On a computer outside the domain (through internet) I added "xxx.xxx.xxx.xxx remote.companyname.com" to the hosts file and saved it. Now, when I access Outlook Web Access from that client using https://remote.companyname.com/owa Internet Explorer 8 reports a certificate error (Certificate not trusted). I then exported the server's certificate to a *.cer-file (using mmc with the add-on), and imported it to the client machine into the Trusted Root Certification Authorities folder (also using mmc). When opening the certificate the window shows "Not enough information to check this certificate.". After importing the certificate IE 8 still reports certificate errors, with almost every action, which is pretty annoying. Can anybody help me solve this problem? If additional information is required, please let me know. Thanx in advance. Erwin

Your best option is to switch the certificate for a commercial certificate. Then you will not need to import anything. You didn't import the certificate in to the right place - it isn't a root certificate, it is effectively a personal certificate. The best way to ensure that it goes in to the correct place is to simply browse to the server, when you get the error go past it, then choose the certificate and import it. Although long term, changing the self signed certificate to a commercial one is your best option. Putting the server in a DMZ isn't a great idea either. There should be no reason why the port forwarding didn't work. Did you allow SBS to configure the router for you using uPNP? Simon.Simon Butler, Exchange MVP. http://blog.sembee.co.uk , http://exbpa.com/

Hi, If you do need more help on SBS, then I recommend you to post the issue in SBS forum. http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/threads Regards, Xiu

Simon, Thanx for your reply to this issue. At the moment, the problem is solved. Apparently there was a problem with the certificate. I had a new one made after creating a new DNS-zone (because it was not correct either). I then removed the existing certificate from the client machines and imported the new one. All is working fine now. I haven't checked the DMZ part so far, but I will in the near future. Cheers, Erwin