[isalist] Re: Cert for OWA
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Mon, 22 May 2006 10:10:32 -0500
Hi Jerry,
Maybe this is something worth a short article on ISAserver.org?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Young, Gerald G
Sent: Monday, May 22, 2006 9:05 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Cert for OWA
This has been an interesting thread to follow. My head is still
spinning.
For the time being, I'll leave the binding same listener to two
different paths alone; that's a bit confusing for me still. ;)
Andy, here is what I would do in your case. You essentially
have two sites. One for static content - from the sounds of it - and
one for OWA. Rather than trying to tie the same www.domain.com to two
different paths I'd make it a bit simpler. For your static content, I'd
use www.domain.com. For your OWA content, I'd use something like
webmail.domain.com. This would end up with two separate access rules.
If you wanted only one cert to be used for both, you could get a
wildcard cert for *.domain.com, tie that to a single listener that is
then used by both access rules.
Just my $.02 but I hope this might help you.
Cordially yours,
Jerry G. Young II
MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
ECNS Microsoft Engineering
Unisys
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE
PROPRIETARY MATERIAL and is thus for use only by the intended recipient.
If you received this in error, please contact the sender and delete the
e-mail and its attachments from all computers.
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
Sent: Saturday, May 20, 2006 12:58 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Cert for OWA
LOL
Mail Server Publishing Wizard creates a rule in your firewall
Polices right? Sure you need to use the wizard to create the rule, but
in the end it's a rule not a wizard.
Is it possible to publish a web server using a cert for
www.domain.com for www.domain.com/sitefolder/index.html to LAN IP
192.168.1.1 while using the "Mail Server Publishing Wizard" to create
the OWA rule to publish OWA via SSL www.domain.com for
www.domain.com/exchange on LAN IP 192.168.1.2 ??
Andrew
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
Sent: Saturday, May 20, 2006 12:44 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Cert for OWA
http://www.ISAserver.org
-------------------------------------------------------
THIS IS NO SUCH THING AS A MAIL SERVER PUBLISHING RULE. GOT
IT???????
If the question is "can I created two Web Publishing Rules" the
answer
is yes.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew
English
> Sent: Saturday, May 20, 2006 11:47 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Cert for OWA
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Okay smart ass.
>
> It is possible to publish a web site on https on
www.domain.com at the
> same time publish OWA using the mail server publishing rule
> on the same
> cert, yet both machines on the LAN are in different places?
>
> Andrew
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Thomas W Shinder
> Sent: Saturday, May 20, 2006 12:32 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Cert for OWA
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> What do you mean by "publishing a mail server"?
>
> It's a meaningless phrase, like "open a port".
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew
English
> > Sent: Saturday, May 20, 2006 11:17 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: Cert for OWA
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Your very good at twisting things around aren't you Tom
> when you know
> > very well the point I was getting across in the first place.
> > So are you
> > saying that I can publish the web server and mail server on
> > the same URL
> > and Cert?
> >
> > Andrew
> >
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Thomas W Shinder
> > Sent: Saturday, May 20, 2006 11:58 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: Cert for OWA
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > For inbound connections, there are only Web Publishing Rules
> > and Server
> > Publishing Rules
> >
> > There is no "mail server publishing rule" although there
> > might be a Mail
> > Server Publishing Wizard.
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://blogs.isaserver.org/shinder/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> >
> >
> >
> > > -----Original Message-----
> > > From: isalist-bounce@xxxxxxxxxxxxx
> > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew
English
> > > Sent: Saturday, May 20, 2006 10:55 AM
> > > To: isalist@xxxxxxxxxxxxx
> > > Subject: [isalist] Re: Cert for OWA
> > >
> > > http://www.ISAserver.org
> > > -------------------------------------------------------
> > >
> > >
> > > The OWA site is a mail publishing rule. It use have FBA.
The
> > > other site
> > > I agree is not a mail publishing rule thus would require
the
> > > web server
> > > publishing rule but can both be run off the same URL,
> > > different servers
> > > with different paths?
> > >
> > > Andrew
> > >
> > >
> > > -----Original Message-----
> > > From: isalist-bounce@xxxxxxxxxxxxx
> > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > On Behalf Of Jim Harrison
> > > Sent: Saturday, May 20, 2006 11:31 AM
> > > To: isalist@xxxxxxxxxxxxx
> > > Subject: [isalist] Re: Cert for OWA
> > >
> > > http://www.ISAserver.org
> > > -------------------------------------------------------
> > >
> > > Must using different path in each rule.
> > > Don't use the mail server publishing rule for non-mail
websites.
> > > Create a new rule and specify only the app pat in that
rule.
> > >
> > > -----Original Message-----
> > > From: isalist-bounce@xxxxxxxxxxxxx
> > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > On Behalf Of Andrew English
> > > Sent: Saturday, May 20, 2006 8:05 AM
> > > To: isalist@xxxxxxxxxxxxx
> > > Subject: [isalist] Re: Cert for OWA
> > >
> > > http://www.ISAserver.org
> > > -------------------------------------------------------
> > >
> > > If I create the website publishing rule for the website,
am
> > I able to
> > > create an Mail server publishing rule for OWA using the
same cert?
> > >
> > > Andrew
> > >
> > >
> > > -----Original Message-----
> > > From: isalist-bounce@xxxxxxxxxxxxx
> > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > On Behalf Of Thomas W Shinder
> > > Sent: Saturday, May 20, 2006 10:11 AM
> > > To: isalist@xxxxxxxxxxxxx
> > > Subject: [isalist] Re: Cert for OWA
> > >
> > > http://www.ISAserver.org
> > > -------------------------------------------------------
> > >
> > > I read someone that application layer inspection firewalls
> > > are actually
> > > able to take information in the application layer headers
> > and data and
> > > make intelligent decisions based on that data. Yes, I
> > remember now, I
> > > wrote a 1000+ book about it and the solution is in there.
Go
> > > to the Web
> > > Publishing chapter. You'll solve all these SSL problems
and
> > > the current
> > > one.
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://blogs.isaserver.org/shinder/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of
> Andrew English
> > > > Sent: Saturday, May 20, 2006 9:13 AM
> > > > To: isalist@xxxxxxxxxxxxx
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > > http://www.ISAserver.org
> > > > -------------------------------------------------------
> > > >
> > > > Yes but if the request is for the following website is
> > > > www.autosoldnow.com how does it know under the web
server
> > publishing
> > > > rule that anything with /exchange goes to serverA while
> > > anything with
> > > > /ssapp/asn.html goes to serverB?
> > > >
> > > > Andrew
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > > On Behalf Of Jim Harrison
> > > > Sent: Saturday, May 20, 2006 2:06 AM
> > > > To: isalist@xxxxxxxxxxxxx
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > > http://www.ISAserver.org
> > > > -------------------------------------------------------
> > > >
> > > > You
> > > > Don't
> > > >
> > > > You create two separate rules, Andy.
> > > >
> > > >
> > > > -------------------------------------------------------
> > > > Jim Harrison
> > > > MCP(NT4, W2K), A+, Network+, PCG
> > > > http://isaserver.org/Jim_Harrison/
> > > > http://isatools.org
> > > > Read the help / books / articles!
> > > > -------------------------------------------------------
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > > On Behalf Of Andrew English
> > > > Sent: Friday, May 19, 2006 20:49
> > > > To: isalist@xxxxxxxxxxxxx
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > > Uhm okay Jim so how to I tell ISA the following under
one
> > > > server publish
> > > > website rule?
> > > >
> > > >
> > > >
> > > > https://www.autosoldnow.com/ssapp/asn.html goes to
192.168.1.10
> > > >
> > > > https://www.autsoldnow.com/exchange goes to 192.168.1.2
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > > On Behalf Of Jim Harrison
> > > > Sent: Friday, May 19, 2006 9:05 PM
> > > > To: isalist@xxxxxxxxxxxxx
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > > ..so don't use the same listener for both sites.
> > > >
> > > > C'mon, Andy - take a moment to think it through.
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Andrew English
> > > >
> > > > Sent: Friday, May 19, 2006 4:38 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > The problem Jim is there web site doesn't use IIS it
uses
> > > > Jboss which is
> > > >
> > > > a Java Application Server, normally Jboss sits on Tomcat
> > > but this time
> > > >
> > > > around there isn't any Tomcat running so I am not sure
what
> > > the script
> > > >
> > > > kiddies have done. There is no Tomcat server running
under
> > > > services.msc,
> > > >
> > > > there is no apache running anywhere, it all runs from
one box.
> > > >
> > > >
> > > >
> > > > The second box of course runs Exchange 2003 on top of AD
> > > which doesn't
> > > >
> > > > want swing for me without telling me that the version of
AD
> > > is not the
> > > >
> > > > same as the other 2003 server even though I raised the
domain
> > > > and forest
> > > >
> > > > levels to 2003.
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Jim Harrison
> > > >
> > > > Sent: Friday, May 19, 2006 5:59 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > > This is called "redirect to HTTPS" and is supported in
IIS.
> > > >
> > > > You can even do it with ISA if you use the
> isa_redirects package I
> > > >
> > > > built.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -------------------------------------------------------
> > > >
> > > > Jim Harrison
> > > >
> > > > MCP(NT4, W2K), A+, Network+, PCG
> > > >
> > > > http://isaserver.org/Jim_Harrison/
> > > >
> > > > http://isatools.org
> > > >
> > > > Read the help / books / articles!
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Andrew English
> > > >
> > > > Sent: Friday, May 19, 2006 15:08
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > As for OWA we are in the process of buying a separate
cert
> > > > for that. As
> > > >
> > > > before what was happening is the had their Linux box
> > > flipping the HTTP
> > > >
> > > > to HTTPS for both the web and exchange site which both
> run on two
> > > >
> > > > different LAN servers. Since the dealers themselves are
> > too computer
> > > >
> > > > illiterate to know what Internet Explorer is let alone
where
> > > > the Address
> > > >
> > > > bar is located we had to keep the cert for the web site
and
> > > > flip to HTTP
> > > >
> > > > so that portions of the site what stopped working when
> > the cert was
> > > >
> > > > originally installed can function normally again.
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Jim Harrison
> > > >
> > > > Sent: Friday, May 19, 2006 5:47 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > > ..then the subject is irrelevant to the question?
> > > >
> > > > "Cert for OWA" seems to indicate to the rest of us that
> > > this was about
> > > >
> > > > OWA publishing.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -------------------------------------------------------
> > > >
> > > > Jim Harrison
> > > >
> > > > MCP(NT4, W2K), A+, Network+, PCG
> > > >
> > > > http://isaserver.org/Jim_Harrison/
> > > >
> > > > http://isatools.org
> > > >
> > > > Read the help / books / articles!
> > > >
> > > > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Andrew English
> > > >
> > > > Sent: Friday, May 19, 2006 14:49
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > Ah no.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > The username and passwords are only contained within the
> > > site itself,
> > > >
> > > > they are not associated to AD in anyway shape or form.
So
> > if someone
> > > >
> > > > wants to see what dealerA has sold on the network be my
> guess, but
> > > >
> > > > they're login name and password don't work where else
but on the
> > > >
> > > > website.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > ________________________________
> > > >
> > > >
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > > >
> > > > On Behalf Of Mark Morgan
> > > >
> > > > Sent: Friday, May 19, 2006 5:18 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > It really does not mater if there is not personal or
> > > confidential info
> > > >
> > > > on the site, if you pass the user id and password via
> > http the user
> > > >
> > > > domain credentials can be compromised, which someone
could
> > > then use to
> > > >
> > > > login to VPN etc.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > >
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx]On Behalf Of Andrew
English
> > > >
> > > > Sent: Friday, May 19, 2006 12:56 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: RE: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > Hi Gerald,
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Thanks for the bit of information as it never
> > > > crossed my mind
> > > >
> > > > that without SSL installed usernames and passwords are
> > sent in clear
> > > >
> > > > text format.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Actually the site is more broken with the SSL
> > > > enabled then it
> > > > is
> > > >
> > > > without it. So I am not too worried as it changing to a
> different
> > > >
> > > > front-end/back-end within the coming months which will
> > > switch back to
> > > >
> > > > using SSL. It's more important if people can access the
> > > site correctly
> > > >
> > > > now then to have them calling us everyday asking what's
> > > wrong, and yes
> > > >
> > > > we are aware the trade off it has, but since the site
> > > doesn't contain
> > > >
> > > > and personal or confidential information we are not too
> > > > worried about.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Regards,
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > ________________________________
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx on behalf
of
> > > > Young, Gerald
> > > > G
> > > >
> > > > Sent: Fri 19/05/2006 3:16 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > > How are you connecting then?
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > https:// is for SSL.
> > > >
> > > >
> > > >
> > > > http:// does not use SSL or the certificate
you just
> > > > installed.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > I hope you're not planning on authenticating
> > > users over just
> > > > an
> > > >
> > > > http connection: the username and password will be sent
in
> > > clear text
> > > >
> > > > that anyone can grab should they be listening.
> > > >
> > > >
> > > >
> > > > Cordially yours,
> > > >
> > > > Jerry G. Young II
> > > >
> > > > MCSE (4.0/W2K)
> > > >
> > > > Atlanta EES Implementation Team Lead
> > > >
> > > > ECNS Microsoft Engineering
> > > >
> > > > Unisys
> > > >
> > > >
> > > >
> > > > 11493 Sunset Hills Rd.
> > > >
> > > > Reston, VA 20190
> > > >
> > > > Office: 703-579-2727
> > > >
> > > > Cell: 703-625-1468
> > > >
> > > >
> > > >
> > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL
> > > AND/OR OTHERWISE
> > > >
> > > > PROPRIETARY MATERIAL and is thus for use only by the
intended
> > > > recipient.
> > > >
> > > > If you received this in error, please contact the sender
and
> > > > delete the
> > > >
> > > > e-mail and its attachments from all computers.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > ________________________________
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > From: isalist-bounce@xxxxxxxxxxxxx
> > > >
> > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of
> Andrew English
> > > >
> > > > Sent: Friday, May 19, 2006 3:08 PM
> > > >
> > > > To: isalist@xxxxxxxxxxxxx
> > > >
> > > > Subject: RE: [isalist] Re: Cert for OWA
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > I figured it out.. After I exported the SSL
> > cert to pfx on
> > > > IIS6
> > > >
> > > > and imported it into ISA I was able to surf to the site,
> > > however I had
> > > >
> > > > enabled SSL on the webpage and for some reason it was
> > > telling me I had
> > > >
> > > > to https:// to the site which I was doing, as soon as I
> > removed the
> > > >
> > > > (required SSL) from the web site I was able to access
it.
> > > > Then I applied
> > > >
> > > > the html I had to redirect the site back to http. (grin)
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Thanks for those who helped I really do
appreciate it!
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Regards,
> > > >
> > > >
> > > >
> > > > Andrew
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > No virus found in this incoming message.
> > > >
> > > > Checked by AVG Free Edition.
> > > >
> > > > Version: 7.1.392 / Virus Database: 268.6.1/343
-
> > > > Release Date:
> > > >
> > > > 5/18/2006
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > No virus found in this outgoing message.
> > > >
> > > > Checked by AVG Free Edition.
> > > >
> > > > Version: 7.1.392 / Virus Database: 268.6.1/343 - Release
> > > > Date: 5/18/2006
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > >
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > >
> > > > ISA Server Articles and Tutorials:
> > > >
> > > > http://www.isaserver.org/articles_tutorials/
> > > >
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > Visit TechGenix.com for more information about our other
sites:
> > > >
> > > > http://www.techgenix.com
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > >
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > >
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > >
> > > > ISA Server Articles and Tutorials:
> > > >
> > > > http://www.isaserver.org/articles_tutorials/
> > > >
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > Visit TechGenix.com for more information about our other
sites:
> > > >
> > > > http://www.techgenix.com
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > >
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > >
> > > > ISA Server Newsletter:
> > > http://www.isaserver.org/pages/newsletter.asp
> > > >
> > > > ISA Server Articles and Tutorials:
> > > >
> > > > http://www.isaserver.org/articles_tutorials/
> > > >
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > Visit TechGenix.com for more information about our other
sites:
> > > >
> > > > http://www.techgenix.com
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > >
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > >
> > > > ISA Server Newsletter:
> > > http://www.isaserver.org/pages/newsletter.asp
> > > >
> > > > ISA Server Articles and Tutorials:
> > > >
> > > > http://www.isaserver.org/articles_tutorials/
> > > >
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > Visit TechGenix.com for more information about our other
sites:
> > > >
> > > > http://www.techgenix.com
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > >
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > >
> > > > ISA Server Newsletter:
> > > http://www.isaserver.org/pages/newsletter.asp
> > > >
> > > > ISA Server Articles and Tutorials:
> > > > http://www.isaserver.org/articles_tutorials/
> > > >
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > Visit TechGenix.com for more information about our other
sites:
> > > >
> > > > http://www.techgenix.com
> > > >
> > > > ------------------------------------------------------
> > > >
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > >
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > > ------------------------------------------------------
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > > ISA Server Newsletter:
> > > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server Articles and Tutorials:
> > > > http://www.isaserver.org/articles_tutorials/
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other
sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > > ------------------------------------------------------
> > > > List Archives:
//www.freelists.org/archives/isalist/
> > > > ISA Server Newsletter:
> > > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server Articles and Tutorials:
> > > > http://www.isaserver.org/articles_tutorials/
> > > > ISA Server Blogs: http://blogs.isaserver.org/
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other
sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > > >
> > > ------------------------------------------------------
> > > List Archives: //www.freelists.org/archives/isalist/
> > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server Articles and Tutorials:
> > > http://www.isaserver.org/articles_tutorials/
> > > ISA Server Blogs: http://blogs.isaserver.org/
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other
sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > > ------------------------------------------------------
> > > List Archives: //www.freelists.org/archives/isalist/
> > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server Articles and Tutorials:
> > > http://www.isaserver.org/articles_tutorials/
> > > ISA Server Blogs: http://blogs.isaserver.org/
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other
sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > > All mail to and from this domain is GFI-scanned.
> > >
> > > ------------------------------------------------------
> > > List Archives: //www.freelists.org/archives/isalist/
> > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server Articles and Tutorials:
> > > http://www.isaserver.org/articles_tutorials/
> > > ISA Server Blogs: http://blogs.isaserver.org/
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other
sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > > ------------------------------------------------------
> > > List Archives: //www.freelists.org/archives/isalist/
> > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server Articles and Tutorials:
> > > http://www.isaserver.org/articles_tutorials/
> > > ISA Server Blogs: http://blogs.isaserver.org/
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other
sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other
sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other
sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other
sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other
sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit
http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
