This post discusses the certificate distribution package on SBS 2008. The SBS 2008 self-signed SSL certificate that is installed in IIS 7 is a leaf certificate; meaning that the Issued to and Issued by names are not the same. Unlike SBS 2003, Certificate Services is installed as part of setup and a root Certificate Authority (CA) certificate is created to validate the server. If a client machine or mobile device trusts the SBS root CA certificate, it will trust any leaf certificate the CA issues. Therefore, if you change your external domain name and create a new self-signed SSL certificate through the Internet Address Management Wizard (IAMW), these clients and mobile devices will not have to install any new certificates into their stores. Here is an example of the SBS 2008 self-signed certificate[…]

Full Article