[isalist] Re: CA

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 5 Jul 2006 12:05:02 -0700

Don't add NICs to solve a certificate problem.
You'll only get bald.

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ruba Al-Omari
Sent: Wed 7/5/2006 10:21 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: CA


ok I will double check on Saturday, but if I found them the same, what else 
could the error message be trying to tell me?? :)
 
are you going to give any clues about the third nic or the apache? am sitting 
in my thinking chair
 
 

 
On 7/5/06, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: 

        That's not what the error message is telling you.
        What it's saying is that the common name in the certificate does not 
match the destinaiton hostname specified in the publishing rule. 
        
        ________________________________
        
        From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ruba Al-Omari
        Sent: Wed 7/5/2006 9:20 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] Re: CA
        
        
        I checked the certificate installed on the webserver and the one on the 
ISA and they match, what else should I check?
        
        Also If I install a third NIC on the ISA that belongs to the DMZ (that 
the second NIC belongs to) and create a second weblistener there, will that 
work? I have avaliable public IPs on teh "hardware" firewall (and wildcard 
certificates are quiet expensive.) 
        
        One last thing, does the ISA publish an Apache server?
        
        Thanks,
        r.
        
        On 7/5/06, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
        
               That error tells you that they don't match between the ISA and 
the published server. 
        
               ________________________________
        
               From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ruba Al-Omari
               Sent: Wed 7/5/2006 4:06 AM
               To: isalist@xxxxxxxxxxxxx
               Subject: [isalist] CA
        
        
               am doing this testing CA, I followed the article from Dr. Tom 
(Publishing 2 websites with the same web listener), the OWA is working ok, it 
listens to the wild card certificate and redirect to the webmail certificate, 
but the other site, it listens to the wildcard certificate, then get me the 
outlook FBA logon screen (which I don't like, but I will check it later), then 
after authentication I receive the error: 
        
               *       Error Code: 500 Internal Server Error. The target 
principal name is incorrect. (-2146893022)
        
               I am sure the name on the certificate is the same name at the 
public DNS and internal DNS and publishing rule, any advice? 
        
               Thanks,
               r.
        
               All mail to and from this domain is GFI-scanned.
        
        
        
        
        
        
        All mail to and from this domain is GFI-scanned.
        
        
        



All mail to and from this domain is GFI-scanned.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 07-2006