A self-signed certificate is issued for web services (IIS) and it has a default validity period of 2 years. After that time, users of web services will be prompted with a dialog box asking if they still want to access a service that uses an outdated certificate. Outlook users could also be prompted with this dialog box. This box will appear every time a new connection is made.
To prevent this, we need to reissue another certificate to replace the old one. Self-signed certificates cannot be renewed.
We can easily do this using the “Fix my network” wizard. On SBS 2008, it can be accessed under Network => Connectivity in the SBS console. I think we can use this same wizard to reissue a certificate up to a month before the old one expires.
sources:
http://technet.microsoft.com/en-us/library/dd378790(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc546020(v=ws.10).aspx