RES: RES: RES: RES: RES: RE: Forcing SSl

• From: "Allisson C. Silva" <allisson@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 5 Nov 2002 09:23:56 -0300

Hi alex, 
Great part of the procedure that you passed me I already I had fact, less the 
part of the Server Publish for Https. After you make it, really hears the 
redirect of HTTP for HTTPS in the referring directores to the OWA that is 
configured for SSL. However after it to redirect for https occurs the following 
error:
500 Internal Server Error - The target principal name is incorrect. 
(-2146893022)
Internet Security and Acceleration Server
 The emitted certificate has the correct name for the site and therefore I did 
not understand the error and when looking for for same me the Technet (in 
compact disc and the Web) nothing I found the respect. The Microsoft must have 
become this less problematic process in sight that and the same basic for the 
security requirements. Of any form I will continue trying and if you or 
somebody he will have another idea will be Obliged coming well 
Thanks...
 

Allisson Cândido 
Administrador de Rede 
Flag Informática S/C 
Mcse Mcsa Mcp Fcp 

-----Mensagem original-----
De: Alex Decarli [mailto:alex@xxxxxxxxxxxxx]
Enviada em: segunda-feira, 4 de novembro de 2002 15:47
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RES: RES: RES: RES: RE: Forcing SSl


http://www.ISAserver.org


Alison,
 
Try to use the OWA q290113.
This setting that you changed cannot apply in this case.
 
 
Um abraço
Alex

-----Mensagem original-----
De: Allisson C. Silva [mailto:allisson@xxxxxxxxxxx]
Enviada em: segunda-feira, 4 de novembro de 2002 17:09
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RES: RES: RES: RE: Forcing SSl


http://www.ISAserver.org


Oi Alex,
 My Configuration Is:
 I configured the Incoming Connection to use certified with the certificate of 
the Iss that use in the OWA.
 I finish connection SSL in the Isa and step for the IIS saw HTTP (not use 
Bridging) will be this the problem?
I used the Q307347 article suggested for Ursini Sun but I did not get resulted. 
Thanks again 
 

Allisson Cândido 
Administrador de Rede 
Flag Informática S/C 
Mcse Mcsa Mcp Fcp 

-----Mensagem original-----
De: Alex Decarli [mailto:alex@xxxxxxxxxxxxx]
Enviada em: segunda-feira, 4 de novembro de 2002 14:47
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RES: RES: RE: Forcing SSl


http://www.ISAserver.org


Hi Allisson,
 
I've it working very well.
you must change some parameters to view this working well.
 
1. Go to exchange server, open I.E (without ISA Server configured) and browse 
the url redirect page.
    (if you can access, the redirect and the permissions is ok)
 
Tell-me about this test and the how is your incoming connection configuration.
 
Alex D.
 
 
 

-----Mensagem original-----
De: Allisson C. Silva [mailto:allisson@xxxxxxxxxxx]
Enviada em: segunda-feira, 4 de novembro de 2002 16:32
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RES: RE: Forcing SSl


http://www.ISAserver.org


The problem is that my Web server with the OWA this behind the Isa. If I type 
Https in browser not ha problem, however if I only type HTTP I receive the 
error : 

403 Forbidden - The page must be viewed over a secure (that is, Secure Sockets 
Layer (SSL)) channel. Contact the server administrator. (12211)
Internet Security and Acceleration Server

 

I tried to create a page asp that it redirects custom error 403 in iss to add 
https. However did not function since I find that the problem of redirect in 
this case this in the Isa. 

Plus some obliged suggestion... 

Thanks


 
 

Allisson Cândido 
Administrador de Rede 
Flag Informática S/C 
Mcse Mcsa Mcp Fcp 

-----Mensagem original-----
De: David Haam [mailto:DavidH@xxxxxxxxxxxx]
Enviada em: segunda-feira, 4 de novembro de 2002 14:16
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RE: Forcing SSl


http://www.ISAserver.org


That's best done inside IIS.
 
Create a virtual website that is just HTTP. Make the site just a redirector to 
the "real" site (that is only running HTTPS.
 
This way you can actually share a single IP. You can also accomplish a similar 
solution via host-headers, if you're using different FQDNs.
 
Hint: you can make the HTTP-only site listen for SSL on a different port (or 
remove it), and the HTTPS-only site listen for HTTP on a different port.
 
Cheers!

-----Original Message-----
From: Allisson C. Silva [mailto:allisson@xxxxxxxxxxx] 
Sent: Monday, November 04, 2002 9:59 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Forcing SSl


http://www.ISAserver.org



Hi guys, 
I need a aid to force a redirect  http://www.domain.com.br\exchange to 
https://www.domain.com.br\exchange whithout user interaction.

That's possible???   If yes which the procedure. 

Since i thanks any aid. 


Allisson Cândido 
Administrador de Rede 
Flag Informática S/C 
Mcse Mcsa Mcp Fcp 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
davidh@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
allisson@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
alex@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
allisson@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
alex@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
allisson@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » RES: RES: RES: RES: RES: RE: Forcing SSl

1. Home
2. isalist
3. Archive
4. 11-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---