RE: OT SSL
- From: "Winston Akin-Cole" <wcole@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 24 Jun 2003 12:38:32 -0400
All my servers are behind my ISA server.
-----Original Message-----
From: Kingery, Mark [mailto:Mark.Kingery@xxxxxxxxxxxxxx]
Sent: Tuesday, June 24, 2003 12:32 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT SSL
http://www.ISAserver.org
The way I have it setup in my Beta testing is that I have a
Front-end server sitting in front of my ISA box with a Certificate and
then I publish it through ISA to my backend server.
Seems to work okay.
-----Original Message-----
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Tuesday, June 24, 2003 11:19 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT SSL
http://www.ISAserver.org
Hi Mark,
Because Verisign sells the certs and they say you need
to pay for a cert for each machine.
However, if the question is whether you need two SSL
certs to make the FE/BE config work, I'm pretty sure you don't. Just
install the single cert on the ISA firewall and bind it to the listener.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
<http://www.isaserver.org/shinder>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp>
-----Original Message-----
From: Kingery, Mark
[mailto:Mark.Kingery@xxxxxxxxxxxxxx]
Sent: Tuesday, June 24, 2003 11:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT SSL
http://www.ISAserver.org
Just curious why is two needed?
-----Original Message-----
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Tuesday, June 24, 2003 11:05 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT SSL
http://www.ISAserver.org
Hi Winston,
Unfortuatnely, that is correct. If you
have Administrative control over the clients, you might consider using
your own certificate server. This also discourages users from using
Kiosks and other unsecure sites from connecting to OWA. I never allow
connections from completely unmanaged and untrusted computers, so if you
have that option, you might consider it.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
<http://www.isaserver.org/shinder>
ISA Server and Beyond:
http://tinyurl.com/1jq1
Configuring ISA Server:
http://tinyurl.com/1llp <http://tinyurl.com/1llp>
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory:
http://www.serverfiles.com
No.1 Exchange Server Resource Site:
http://www.msexchange.org
Windows Security Resource Site:
http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org
Discussion List as: mark.kingery@xxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: wcole@xxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
