[isalist] Re: Cert for OWA
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 19 May 2006 10:49:20 -0700
http://www.ISAserver.org
-------------------------------------------------------
Unless IIS and ISA coexist on the same machine, IIS is irrelevant - you're
trying to make the cert work on ISA.
In order for the machine certificate to be useful on ISA, it must include the
private key as part of the .cer file itself; not as a separate file.
There are *many* articles on isaserver.org and ms.com/isaserver that provide
step-by-step instructions on how to copy certificates from the published server
to the ISA.
For instance, here's one:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/owa-walkthrough.mspx
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Andrew English
Sent: Friday, May 19, 2006 10:46
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: Cert for OWA
Jim,
You are going way over my head what you said regarding the key.
I have done this, I went to netsolssl.com and looked up how to replace the .key
file with a new one, and followed their instructions, now I am waiting the
three files issued under the .key to be sent to me. I have their step-by-step
instructions on how to install the cert into IIS 5/6 which I am going to follow
once I receive the files.
My question is what steps do I need to take to import the cert into ISA 2004?
I see the GTECyberTrustRoot cert gets installed under "Trusted Root Cert.
Authorities" on IIS The NetworkSolutionsCA cert gets installed under
"Intermediate Cert. Authorities" on IIS Then I install the SSL cert under the
website in IIS.
This part I am clear on.. ISA 2004 I am not.. :(
Thanks for your help!
Regards,
Andrew
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
Sent: Fri 19/05/2006 1:00 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Cert for OWA
http://www.ISAserver.org
-------------------------------------------------------
Did you import the CA certs into the ISA local machine trusted roots store?
If ISA can't see the cert, are you *absolutely certain* that the purpose is
"server authentication" and that the cert includes the private key?
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Andrew English
Sent: Friday, May 19, 2006 10:02
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: Cert for OWA
I imported the GTEGlobalRoot cert, www.autosoldnow.com.crt, and
NetworksolutionsCA.crt into IIS after which I restarted IIS Admin. In ISA I
tried putting the www.autosoldnow.com.cert into the Personal folder and it does
not work. I tried going back to IIS and exporting the cert and found the option
is all greyed out.
I have looked all over the internet for installing crt IIS 6 or ISA and come up
with how to install certs using the certs server, but nothing pointing to
how-to install the versign type cert in both IIS 6 and ISA 2004.
Regards,
Andrew
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat
Sent: Fri 19/05/2006 11:55 AM
To: ISA Mailing List
Subject: [isalist] Re: Cert for OWA
Did you import the verisign cert, or did you import the cert that you exported
from the IIS Server?
Did you make it exportable?
S
________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Andrew English
Sent: Friday, May 19, 2006 12:36 PM
To: ISA Mailing List
Subject: RE: [isalist] Re: Cert for OWA
Can someone either point me in the direction were I can read/learn how to
install bought CA certs from a provider like Versign on ISA 2004 and IIS 6.0? I
really have to get this HTTPS site working today as there are over 15000 people
that hit it each day and I have not been able to find a good working solution
as to why ISA doesn't allow me to see the cert I just installed. Thanks!!!
Regards,
Andrew
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
