OK, I am still a little confused regarding SSL and ISA. Am I correct in the understanding that to have SSL on a web server behind ISA you MUST either export the certificate to ISA or server publish the SSL port ?? This seems a bit daft as web publishing allows one to bridge the SSL request directly to the server. Is there something I've missed along the way. I have a customer that can connect to his SSL-enabled web server as long as it isn't behind ISA, but gets a blank page when attempts to connect through ISA are made (& obviously I have yet to either export or server publish SSL). Why would it be designed this way ?? What are the ramifications of each method (looking for response from those who are doing this in the field) ? I am leaning to server publishing the SSL port due to the software the customer is using (iCode). Any assistance, etc. greatly appreciated. Paul Nuernberger