Hello, So you did New-ExchangeCertificate -GenerateRequest C:\certrequest.csr
... and requested the certificate from a certificate Authority Correct? You need to Import the Signed Certificate with the Import-ExchangeCertificate
commandlet Then you need to enable the certificate for the appropriate
services using Enable-ExchangeCertificate This will take care of the exchange side of things. However as you have mentioned ISA you need to export the
certificate and install it on the ISA server. Start and MMC and install the Certificates Snap In and select
the local system as the target. Expand the list and find the personal store (this is the
computer's personal certificate store). You should see listed the certificate
you just installed. Right click on the certificate and select Export from the
context Menu. Select Export Private Key and a transit password and a
filename. Export the certificate. Move the file to the ISA server and start MMC and Certificates.
Again target the local machine. Then right click on the personal store and
select Import. Import the certificate you copied from the exchange server. Then you can select the certificate for the ISA Web listener. Bill From:
exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On
Behalf Of Patrick I created the request for a certificate on the
exchange server. I think the next stage will be to import the cert and install
it on isa From: William T Holmes <wth1@xxxxxxxxxxx> Hello, How did you create the certificate? Did you create a request for
the certificate on the exchange server or the ISA server? Bill From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Patrick Hi Guys, I just need a bit of clarity on this. Why MS has decided to
change things, beats me. We are looking to publish owa through isa 2006. Exchange 2007 was installed with the default certificate
applied during installation. Now we have created a request for a CA sll which
has just arrived. We are looking to publish owa for start, then move on to
other things ie ActiveSync. Now my questing is how you got about this to get
things to work. We already have a dns name called owa.jackmurray.com, which
the Certificate was created in, now how do we go about getting this to work,
and also would applying this new certificate disbale the default one. Please
setps would be very helpful, I am finding it dificult to understand why ms has
made thinsg so complicated. thanks Patrick |