One More Thing, "Export that certificate WITH ITS PRIVATE KEY to a file." = .pfx file. If you have that extension you are doing great. I notice that Tom S. article on the ISAServer.org web site doesn't really go into depth about this step, how to, file name etc, and it would really help if you add a 100 words there. From the guy that just did it three days ago. -Wayne The ISAPI Dev Lurking on the ISA Admin List _____ From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Wednesday, February 02, 2005 11:55 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Generating a certificate request for OWA http://www.ISAserver.org Arggggghhh...another one. Here's how you do it: Example: owa.domain.com Request and bind a Web site certificate to the OWA site, make sure the common name on the certificate is owa.domain.com Export that certificate WITH ITS PRIVATE KEY to a file. Import the certificate with its private key into the ISA firewall's machine certificate store. Create the OWA Web publishing rule. Bind the OWA Web site certificate to the Web listener. Make sure the Public Name you use for the Web Publishing Rule is EXACTLY THE SAME as the common name on the certificate Make sure the ISA firewall resolves the name of the OWA site to the actual IP address of the site. S _____ From: Rob Moore [mailto:RMoore@xxxxxxxx] Sent: Wednesday, February 02, 2005 3:49 PM To: ISA Mailing List Subject: [isalist] Generating a certificate request for OWA http://www.ISAserver.org Hello all-- I'm generating a certificate request for my OWA server. I plan to install it on my ISA 2004 server. The instructions for generating the request are not entirely clear. In Microsoft's document it says, "if this certificate will be exported to the ISA Server computer [it will], the name on the certificate must match the name you use to publish the website in the Web publishing rule." I've already created one incorrect request trying to follow this. For the name on the request, should I look on the "To" tab for the OWA publishing rule and use the server name I see there? (This is an internal name, delta.afsc.local.) Or should I use the public name for the server (owa.afsc.org)? Or something else all together? Thanks, Rob ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: wayne@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx