[isalist] Re: Cert for OWA
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 19 May 2006 11:21:10 -0700
http://www.ISAserver.org
-------------------------------------------------------
Coming in late, but:
Andrew, once the cert is installed on ISA you'll choose it when you build
the SSL bridging publishing rule...
On 5/19/06 10:49 AM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all:
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Unless IIS and ISA coexist on the same machine, IIS is irrelevant - you're
> trying to make the cert work on ISA.
> In order for the machine certificate to be useful on ISA, it must include the
> private key as part of the .cer file itself; not as a separate file.
>
> There are *many* articles on isaserver.org and ms.com/isaserver that provide
> step-by-step instructions on how to copy certificates from the published
> server to the ISA.
> For instance, here's one:
>
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/owa-walkthrough.msp>
x
>
> -------------------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
> Behalf Of Andrew English
> Sent: Friday, May 19, 2006 10:46
> To: isalist@xxxxxxxxxxxxx
> Subject: RE: [isalist] Re: Cert for OWA
>
> Jim,
>
> You are going way over my head what you said regarding the key.
>
> I have done this, I went to netsolssl.com and looked up how to replace the
> .key file with a new one, and followed their instructions, now I am waiting
> the three files issued under the .key to be sent to me. I have their
> step-by-step instructions on how to install the cert into IIS 5/6 which I am
> going to follow once I receive the files.
>
> My question is what steps do I need to take to import the cert into ISA 2004?
>
> I see the GTECyberTrustRoot cert gets installed under "Trusted Root Cert.
> Authorities" on IIS The NetworkSolutionsCA cert gets installed under
> "Intermediate Cert. Authorities" on IIS Then I install the SSL cert under the
> website in IIS.
> This part I am clear on.. ISA 2004 I am not.. :(
>
> Thanks for your help!
>
> Regards,
> Andrew
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
> Sent: Fri 19/05/2006 1:00 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Cert for OWA
>
>
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Did you import the CA certs into the ISA local machine trusted roots store?
> If ISA can't see the cert, are you *absolutely certain* that the purpose is
> "server authentication" and that the cert includes the private key?
>
> -------------------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
> Behalf Of Andrew English
> Sent: Friday, May 19, 2006 10:02
> To: isalist@xxxxxxxxxxxxx
> Subject: RE: [isalist] Re: Cert for OWA
>
> I imported the GTEGlobalRoot cert, www.autosoldnow.com.crt, and
> NetworksolutionsCA.crt into IIS after which I restarted IIS Admin. In ISA I
> tried putting the www.autosoldnow.com.cert into the Personal folder and it
> does not work. I tried going back to IIS and exporting the cert and found the
> option is all greyed out.
>
> I have looked all over the internet for installing crt IIS 6 or ISA and come
> up with how to install certs using the certs server, but nothing pointing to
> how-to install the versign type cert in both IIS 6 and ISA 2004.
>
> Regards,
> Andrew
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Steve Moffat
> Sent: Fri 19/05/2006 11:55 AM
> To: ISA Mailing List
> Subject: [isalist] Re: Cert for OWA
>
>
>
> Did you import the verisign cert, or did you import the cert that you exported
> from the IIS Server?
>
>
>
> Did you make it exportable?
>
>
>
> S
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
> Behalf Of Andrew English
> Sent: Friday, May 19, 2006 12:36 PM
> To: ISA Mailing List
> Subject: RE: [isalist] Re: Cert for OWA
>
>
>
> Can someone either point me in the direction were I can read/learn how to
> install bought CA certs from a provider like Versign on ISA 2004 and IIS 6.0?
> I really have to get this HTTPS site working today as there are over 15000
> people that hit it each day and I have not been able to find a good working
> solution as to why ISA doesn't allow me to see the cert I just installed.
> Thanks!!!
>
>
>
> Regards,
>
> Andrew
>
>
>
>
> All mail to and from this domain is GFI-scanned.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
>
> All mail to and from this domain is GFI-scanned.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
