http://www.ISAserver.org ------------------------------------------------------- Unless IIS and ISA coexist on the same machine, IIS is irrelevant - you're trying to make the cert work on ISA. In order for the machine certificate to be useful on ISA, it must include the private key as part of the .cer file itself; not as a separate file. There are *many* articles on isaserver.org and ms.com/isaserver that provide step-by-step instructions on how to copy certificates from the published server to the ISA. For instance, here's one: http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/owa-walkthrough.mspx ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Friday, May 19, 2006 10:46 To: isalist@xxxxxxxxxxxxx Subject: RE: [isalist] Re: Cert for OWA Jim, You are going way over my head what you said regarding the key. I have done this, I went to netsolssl.com and looked up how to replace the .key file with a new one, and followed their instructions, now I am waiting the three files issued under the .key to be sent to me. I have their step-by-step instructions on how to install the cert into IIS 5/6 which I am going to follow once I receive the files. My question is what steps do I need to take to import the cert into ISA 2004? I see the GTECyberTrustRoot cert gets installed under "Trusted Root Cert. Authorities" on IIS The NetworkSolutionsCA cert gets installed under "Intermediate Cert. Authorities" on IIS Then I install the SSL cert under the website in IIS. This part I am clear on.. ISA 2004 I am not.. :( Thanks for your help! Regards, Andrew ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison Sent: Fri 19/05/2006 1:00 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: Cert for OWA http://www.ISAserver.org ------------------------------------------------------- Did you import the CA certs into the ISA local machine trusted roots store? If ISA can't see the cert, are you *absolutely certain* that the purpose is "server authentication" and that the cert includes the private key? ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Friday, May 19, 2006 10:02 To: isalist@xxxxxxxxxxxxx Subject: RE: [isalist] Re: Cert for OWA I imported the GTEGlobalRoot cert, www.autosoldnow.com.crt, and NetworksolutionsCA.crt into IIS after which I restarted IIS Admin. In ISA I tried putting the www.autosoldnow.com.cert into the Personal folder and it does not work. I tried going back to IIS and exporting the cert and found the option is all greyed out. I have looked all over the internet for installing crt IIS 6 or ISA and come up with how to install certs using the certs server, but nothing pointing to how-to install the versign type cert in both IIS 6 and ISA 2004. Regards, Andrew ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat Sent: Fri 19/05/2006 11:55 AM To: ISA Mailing List Subject: [isalist] Re: Cert for OWA Did you import the verisign cert, or did you import the cert that you exported from the IIS Server? Did you make it exportable? S ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Friday, May 19, 2006 12:36 PM To: ISA Mailing List Subject: RE: [isalist] Re: Cert for OWA Can someone either point me in the direction were I can read/learn how to install bought CA certs from a provider like Versign on ISA 2004 and IIS 6.0? I really have to get this HTTPS site working today as there are over 15000 people that hit it each day and I have not been able to find a good working solution as to why ISA doesn't allow me to see the cert I just installed. Thanks!!! Regards, Andrew All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx