Certificate and Event Error Queries

hi,

please bear me inexperienced when comes ca , dc's. have been going through event viewer on our dc (server 2003) , keeps kicking out few errors. i'm not aware of issues have other dc needing restart due system hang, can go months , other times can go few times within week or so. i’ve put down old, poor spec’d server more else.

error events:

event id: 58 - certificate in chain ca certificate 0 mail.testdomain.com has expired.  required certificate not within validity period when verifying against current system clock or timestamp in signed file. 0x800b0101 (-2146762495).

this proceeded this: event id 100 - certificate services did not start: not load or verify current ca certificate.  mail.testdomain.com required certificate not within validity period when verifying against current system clock or timestamp in signed file. 0x800b0101 (-2146762495).

event id 2010 - server certificate instance '1' not chain trusted root certificate.

event id 36872 - no suitable default server credential exists on system. prevent server applications expect make use of system default credentials accepting ssl connections. example of such application directory server. applications manage own credentials, such internet information server, not affected this.

event id 10010 - server {d99e6e73-fc88-11d0-b498-00a0c90312f3} did not register dcom within required timeout.

i've noticed ca service stopped, when try start it, shortly after stops. when ca authority directory has 1 entry of mail.testdomain.com has stopped icon on it, meaning isn't running.

now server dc used exchange 2003 server before migrated many years ago. if i'm being honest have no experience in , concerned if cause me problems i'm not sure have. wanting expert opinion on think should do, if try renew ca cert rid of error messages or leave , ignore messages it’s no longer required?

any appreciated. have no doubt left lot of information unanswered please let me know (if any) further info need me out.

:)

 

hello,

ca , certificate questions better asked in http://social.technet.microsoft.com/forums/windowsserver/en-us/home?forum=winserversecurity

---

best regards

meinolf weber

mvp, mcp, mcts

microsoft mvp - directory services

my blog: http://blogs.msmvps.com/mweber

disclaimer: posting provided no warranties or guarantees , confers no rights.

twitter:  

Windows Server  >  Security