Problem
Persistent issue with VeriSign SSL certificates through IIS/Exchange
Cause
The VeriSign Class 3 Public Primary Certification Authority - G5 Root CA certificate (expiring on the 16/07/2011) is enabled
Resolution
Proceed the following steps to locate and disable the VeriSign Root CA certificate:
1. Create a Certificate Snap-In in Microsoft Management Console (MMC).
2.When the MMC and the Certificates snap-in are open, expand the Trusted Root Certification Authorities folder on the left and choose Certificates sub-folder.
3. Select the following certificate:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expiration Date: 7/16/2036
Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
4. If this certificate is present, disable it.
5. Right click the certificate and select Properties
6. In the Certificate purposes section, choose Disable all purposes for this certificate
7.Click the OK button. Then, close the MMC - there is no need to save console settings