[isalist] Re: Cert for OWA

• From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Fri, 19 May 2006 15:56:12 -0400

Hi Gerald, 
 
Thanks for the bit of information as it never crossed my mind that without SSL 
installed usernames and passwords are sent in clear text format. 
 
Actually the site is more broken with the SSL enabled then it is without it. So 
I am not too worried as it changing to a different front-end/back-end within 
the coming months which will switch back to using SSL. It's more important if 
people can access the site correctly now then to have them calling us everyday 
asking what's wrong, and yes we are aware the trade off it has, but since the 
site doesn't contain and personal or confidential information we are not too 
worried about. 
 
Regards,
Andrew

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Young, Gerald G
Sent: Fri 19/05/2006 3:16 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Cert for OWA



How are you connecting then?

 

https:// is for SSL.

http:// does not use SSL or the certificate you just installed.

 

I hope you're not planning on authenticating users over just an http 
connection: the username and password will be sent in clear text that anyone 
can grab should they be listening.

Cordially yours,
Jerry G. Young II
  MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
ECNS Microsoft Engineering
Unisys 

11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468 

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers. 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andrew English
Sent: Friday, May 19, 2006 3:08 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: Cert for OWA

 

I figured it out.. After I exported the SSL cert to pfx on IIS6 and imported it 
into ISA I was able to surf to the site, however I had enabled SSL on the 
webpage and for some reason it was telling me I had to https:// to the site 
which I was doing, as soon as I removed the (required SSL) from the web site I 
was able to access it. Then I applied the html I had to redirect the site back 
to http. (grin)

 

Thanks for those who helped I really do appreciate it!

 

Regards,

Andrew

• Follow-Ups:
  • [isalist] Re: Cert for OWA
    • From: Steve Moffat

• References:
  • [isalist] Re: Cert for OWA
    • From: Young, Gerald G

Other related posts:

• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA
• » [isalist] Re: Cert for OWA

1. Home
2. isalist
3. Archive
4. 05-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---