On modern Windows servers, you can create a self-signed certificate with powershell, using the new-selfsignedcertificate command. By default, this certificate will only last for 1 year before expiring. To create a certificate that lasts a little longer, fire up an admin powershell, and do this:

$fromtoday = get-date
$5years = $fromtoday.addyears(5)
new-selfsignedcertificate -dnsname mycertname.mydomainname.com -notafter $5years -certstorelocation cert:\localmachine\my

1. Go to the Windows SBS Console, click on Network Tab, then click the Connectivity Tab
2. Click on the certificate icon, then click the “view certificate properties” in the right pane. In the “General” tab of the new window, it will show the dates that the self-signed certificate is valid for.
3. In the “Connectivity Tasks” area, click “Set up your Internet address”, go through the wizard to renew your self-signed SSL certificate.
4. When you now check the certificate properties, you will see that it is now valid for another two more years.

Need to determine if you are using weak ciphers in IIS?
Try SSLDigger, it’s a free utility from Foundstone.

Also, if you’re running Windows Server 2008, and want to just disable all weak ciphers, you can use these registry merge files.
Just merge them with your registry, and reboot. Here they are.

I should point out that just randomly merging registry files you've found on the Internet is a lot like eating a sandwich that you've found on the sidewalk. If you don't understand what you are doing, you may want to do a little research first. I can't help you if you destroy your servers with these files. You've been warned.