How to: Upgrade Your Windows Home Server Website Certificate

By Dave Marchant on August 25, 2010 in News, Windows Home Server

Yesterday’s Windows Home Server update included an upgrade for the remote access website’s security certificate:

2048-bit certificates will soon replace 1024-bit certificates. This update enables Home Server users to use 2048-bit certificates before 2048-bit certificates become the industry standard.

After you install this update, you are asked to renew Website certificates if you have already registered the live domain for the websites. After you finish the renewal process, the website certificates are upgraded to 2048-bit.

There has been some confusion in the WGS Forums and in the comments on yesterday’s news post regarding the renewal of the your home server’s certificate following the update. Here is a quick run through what you need to do.

Firstly, either trigger the updates manually, or wait until the routine overnight application of the patches and subsequent reboot. If you trigger the update manually from the Console, you will see the following screens:

Following the reboot, your home server health icon will turn red on your PC’s and you will see the following warning:

Open up the Console again and you will see the matching Network Health Warning:

The issue here is that the warning is ambiguous. “Click Configure and complete the wizard” may sound fine, but you’ll see there are two options available and Microsoft (until we just asked them) fail to tell you whether to release your current domain name or try the Choose a different domain name option. So, here’s the answer confirmed by the Windows Home Server Sustained Engineering team:

Go to Settings and select Remote Access. Click on the Configure button and then select Choose a different domain name. (Whilst this sounds like we’re going to choose a different domain name, we’re not, don’t worry).

After clicking on Next, you’ll be asked to select a Domain Name provider – you want Windows Live Custom Domains.

The Domain Name Setup Wizard opens, and you need to walk through the steps, entering your Windows Live address as the next step.

The wizard will hunt for any domains registered to you and should bring back your previously registered homeserver.com address. I’ve blanked mine out here for security reasons.

Ensure the radio button next to Choose a registered name is selected, and click next to proceed.

Once done, your Network Health will return to Green and you will have an updated certificate with your domain name. You can check your certificate has been upgraded as follows:
1. Browse to your WHS https site.
2. Click on the Padlock on the browser address bar
3. Click on View Certificates
4. Click on the Details Tab
5. Check the Valid From date – should be day you updated
6. Check the Public Key – should be 2048 bits.

Enjoyed this post? Share it.

If you enjoyed reading this post, then why not share it with your friends and followers?

About Dave Marchant

For me, Windows Home Server is very much a hobby as well as a very useful addition to the home computer network. I have been in the computer industry since the embryonic days of microprocessors having designed with some of the original 8-bit devices. In the past I have worked as UK Support Manager for a major PC manufacturer and I am currently IT Manager for a major Microsoft Gold Partner in the Business Products arena.

View all posts by Dave Marchant →

Sign Up for WGS Daily News

If you don't want to miss out on the latest news from We Got Served, why not subscribe to our daily digest? You'll get the day's headlines and a short summary of each news item delivered straight to your inbox each morning.

certificate, domain certificate, kb 949453, patch, Security, update, walk through, whs, Windows Home Server

← Toshiba to Kill the 3D Glasses?

New AV Product Coming On Line From Netgear →

T-Bone

What's the benefits with this? I mean the certificate thing?
T-Bone

Mine rebooted and my health light never turned red(MSS) and I didnt get a red Conector icon.
Eddie

I got the red icon and the message, but before I could go in and update them…it did it by itself ! I checked and sure enough I now have the new certificate.
http://homeservershow.com/forums diehard

thanks for following up with this post.
Rufus Roper

certifificate did not update, what' next?

stbus

Neither did mine. In the update history is see the patch is installed but when looking at the certificate on my domain name it still shows 1024 bit.

What steps do I need to take… not very familiar with this certificate stuff
Thx
StBus

phaze

Thanks for the follow up!
Jan

I followed your instructions, and now I can't get my domain name back.

Yesterday's article on using WD Advanced Format drives was also nice, in light of today's revelation that — as the WD and Microsoft advised — they don't work.

Thanks for providing untested, unreliable advice.

phaze

uhmm…. where is that article on WD Advanced Format drives??

http://www.wegotserved.com Terry Walsh

I'd like to know that too….! I think Jan is confusing us with another site. As you can see, Dave included a series of screenshots with the walkthrough, so it was tested. I've released and reclaimed my domain numerous times as I switch between home servers pretty much constantly for the site.

http://usingwindowshomeserver.com Andrew Edney

I think he is referring to MSWHS

Jay95

no luck for me either. I followed the above instructions but can not reclaim my domain name – it says that it is in use and to type a different name Even after I released it and did a reboot….

http://www.wegotserved.com Terry Walsh

Sounds like an issue with the Windows Live Domain servers not releasing the domain correctly…. strange though that this isn't happening to everyone.

Jay95

That's what I thought too.

So, how do I fix it? lol

Is it a case of giving it time?

Emailing someone to release the domain name?
http://usingwindowshomeserver.com Andrew Edney

I've seen this happen before when there are problems with the Live Domain servers.

I would suggest keep trying….

Andrew

PiffleMaster

Yup,
Had the same issue on a friend's network, but not mine.
Go figure…

Ender

Anyone have a solution to getting your old domain name back?

http://www.wegotserved.com Terry Walsh

Have pinged the WHS team at Microsoft to see what the correct support route is for this – I can't find any support resources for Windows Live domains. Will update as soon as I hear something.

Mjordan

The fix worked for me…buy I had another issue. I am running another web server on the same network so I had to change the secure port from 43. Don't ask me how but the update changed the port back to 43. Strange.
http://www.wegotserved.com Terry Walsh

Word back from Microsoft:

"The user is expected to go down the path of “choosing a different domain name” instead of releasing the name.

We do realize this has created confusion amongst users and will be publishing a blog or forums post with this information."

Given I've successfuly released and re-registered a domain on many occasions, as other have above, I've asked again why this isn't working for some users. Will update the post above and if i hear any more, will add another comment.

http://www.wegotserved.com Terry Walsh

Post updated and walkthrough confirmed working. Apologies for the error, although clearly release/renew is also working for some.

T-Bone

what are the benifits for the new certificates? Guess mine works seamlessly or I wouldnt be asking.
Rick

Follow up…

Perhaps just doing the refresh does not permanently resolve the issue. I had to reboot my server today and the error reappeared. So I went thru the procedure posted above by Terry this time. I had no problems with the procedure described.
Jay95

Thanks Terry,

Yes, it would be good if the Microsoft Team could confirm with me (and the others that are unable to select their old domain name) on how we can get our old domain name back. Whether they need to manually release it for us or if there is a workaround we can use on our WHS machine etc…

To me, it is simply a case of the domain name releasing processes failed with the update, so the Microsoft Team need to fix it !!!

Thanks

Jay95

P.S > it's been 12hrs now and I still can't select my old domain name.

Rufus Roper

It has been over 48 hours since I installed the update. I still cannot get my certificate to update. I cannot even get it to show that I have disabled the certificate. I have tried the TMZ paid certificate as well as the free Microsoft domain name certificate. Nothing is working.

Rufus Roper

How can I find out if the update installed sussessfully? Perhaps I need to reinstall it.
urmaster

Followed the guide worked flawlessly.
http://whsclamav.sourceforge.net/ Al West

I found another reboot allowed me to progress past the login and get my certificate setup and domain back.
Wazzup

Wasn't good enough => you have to follow the guide!
http://www.replicahandbagsite.com chanel handbags

nice links,, really wordpress theme building is very simple, but we need to revise all the tags, since there are 100 of tags which are useful in building successful wordpress theme,,,
http://wegotserved.com Rich

i was having the same problem mentioned above with regard to losing and not being able to recover my domain name. I found that i must use the email account to log on for my windows live account that I "originally" used to register the homeserver.com domain name. Once i remembered that I was able to recover my domain name and the new certificate updated.
Enigmatai

i already chose the "release the current domain name" option now i cannot login with my windows live ID it doesn't give me an error just spins as if it is processing and then just stays on the sign in with live ID page nothing happens??? anyone?? please??

The Illustrious

I'm in the same boat as you. When i put in my Live ID and password, I get an hourglass for about 10 seconds, and then nothing happens. I cannot advance past the Windows Live ID screen. Putting in the wrong password prompts me with an invalid password warning. So, WHS is obviously connecting to Microsoft and verify password credentials.

Any help people can offer would be appreciated, as this update seems to have broken Remote Access for many people because we can't update our Domain/Certificate information.
Bob Hails

I, too, can't login using my Windows Live ID even though I have no problem doing that outside of WHS. So I'm stuck. What now now?
jtraynor77

I had also chosen the dreaded "release the current domain name" option and got an error saying I needed to check my web connection (in addtion to my Verizon FIOS port fowarding was failing (sheesh!) when I tried to enter my email and password. I rebooted everything, in order, including reseting my Verizon FIOS router – and repeated to no avail. After wasting the WHOLE morning troubleshooting and reading the posts, I shut my WHS down completely for nine hours because I had to go to a meeting out of town.

jtraynor77

Tonight I started the WHS (from a cold boot nine hours before) and was able to continue and successfully get my domain back up! This worked for me and here is what I think happened: By selecting the dreaded "release the current domain name" option you're basically telling the Go Daddy Secure Certification Authority to empty information rather than replace information since you've released the name! I recollect the change the name option as a quicker way of tricking the server to keep data it needs to simply prompt for a rename (even if it's the same name) rather than "releasing" all the data. After a while (usually about five hours) the Go Daddy Secure Certification Authority computer resets itself by design.So in conclusion, if you selected the dreaded "release the current domain name" option, just shut the friggin WHS down for about five hours to give the Go Daddy Secure Certification Authority computer a chance to reset the original credentials, and follow the remaining steps above.

Jay95

Hi Terry, any other news from Microsoft for those of us that our domain name didn't release correctly?

Is there anyway we can get them to release the domains manually so we can reconfigure it via WHS?

Thanks

http://www.wegotserved.com Terry Walsh

Nothing back from them…. will chase.

Ender

Please do!

http://www.wegotserved.com Terry Walsh

Ok, heard back. If you're unable to get your domain back, can you please *email* me with your domain name and your Live ID. I don't need your password! I'll send these over to MS for investigation. Use the contact form link at the top of the page if you don't know my email address.

Sven

Pls, let us know the results as not every user can contact MS.
James

I have this same issue with one of the server I service. I released the domain name and not I can not get it to renew with any live ID. My one one was

Live ID = DrJEnterprises@gmail.com
Domain = http://www.BWGardens-29.homeserver.com

I would like to reassign the domain to another Live ID though BWGardens29@gmail.com

Not getting anywhere doing that though.

James

Ian

I have the same issue where I can't get past the live login step. I also notice that when I try to login to https://login.live.com, it fails with a certificate error. Could this be the problem? I notice on a different windows machine I don't get the certificate error for https://login.live.com

Thanks,
Ian

Jay95

G'day Terry,

Any news back from MS yet?

Cheers

http://www.wegotserved.com Terry Walsh

With regard to your specific issue, they think you're using the wrong email address –

"The Domain Jay77@homeserver.com appears to have the wrong email account. The associated live ID for that domain looks like jay77@iinet.com.au instead of jay77@iinet.net.au."

With regard to an overall solution – no news. As soon as I hear anything, (if I hear anything) I'll post.

Jay95

Thank you very much Terry !!!

I thought I'd amended the email address attached to my Live ID years ago but it appears that I created a new account !!

Cheers and thanks again for your help.

Adam

Any luck with MS Terry? I sent you my live account/domain last night. I know you didnt have much time, but just curious if there is any updates from MS?
James

I have had my server remote access off for weeks and tried by turning it back on and setting it back up with a new Live ID and also the old Live ID and still the same problems as before. I was hoping that that last server patch would have corrected the problem but it did not.

I want to use the Live ID BWGardens29@gmail.com for this server.
http://www.wegotserved.com Terry Walsh

All,

I've had a brief update on this issue – the headline is that Microsoft are unable to reproduce the issue, and the working assumption is that the problem may have been caused by an issue at GoDaddy. The advice is to try again.

"We did not get a repro for this issue. From both the code and our test result, the association between LiveID and the original domain name will be broken only when user choose to register a different domain name with the LiveID. Thus choosing “Release your current domain name” should not break the association, and users should have no problem to get the original domain name with their LiveID."

Sorry there's not better news on this.

Antoon Gijsens

Dear Terry,

Although the WHS guys argue that it shouldn't affect the association, somehow this association seems to be broken in my case.

At the time when I installed WHS (2.5 years ago), I created a Live ID account 'Obi1atkenobi@hotmail.com' and used this to set up my WHS domain name 'agds.homeserver.com'.

I hadn't used this Live ID since then and when trying to use it again, it wasn't active anymore.

I've created the Live ID again with the same password but when I try to configure again with this Live ID my domain name in the WHS console, it tells me that the "Domain name is not available".

I guess that this association can only be restored by the WHS guys? If you have any contacts over there, it would be great if you could forward my problem. It would be a real bummer to have let go of my WHS domain name.

Cheers,

Antoon.

turtle

Has anybody else run into an issue where after this update, you cannot connect to the WHS console but the server will still respond to a ping? I'm essentially locked out of my WHS right now as I can't get the console to load, and I can't access the server directly via RDC. The really weird part is that if I reboot the server, upon restarting I can briefly start a RDC, but it will eventually freeze and crash withing a few mins. No idea what to do other than trying a server restore.

Bryon

Have you found a solution for your problem. I am now experiencing the same issue.
Thanks

http://youshouldseo.com Dallas SEO Firm

Thanks for this AWESOME information! I will definitely have to try this in my blog!

Adios!
http://www.gwiazda.pl stoiska targowe

Exhibition stands are an essential element of the marketing activities of any company more stojaki reklamowe
http://www.articlemarketinghq.com/article-writing/choose-a-writer article marketing bl

Pretty good post. I just stumbled upon your website and wanted to say that I have really enjoyed reading your blog posts. Any way Ill be subscribing to your feed and I hope you post again soon. Thanks!
http://www.macbookproupgrades.com Lissette Boudrieau

I have read several good stuff here. Definitely price bookmarking for revisiting. I wonder how so much effort you set to create any such excellent informative site.
http://prowebmarketing.ca/services.html ProWebMarketing offe

I have read some just right stuff here. Certainly worth bookmarking for revisiting. I surprise how much effort you place to make any such magnificent informative website.

How to: Upgrade Your Windows Home Server Website Certificate

Enjoyed this post? Share it.

About Dave Marchant

Sign Up for WGS Daily News

WGS on Facebook & Twitter

WGS Recommends (US)