You need to export the cert & the private key from the webserver & then import it into the machine account on the ISA server. S From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Mike Anderson Sent: Thursday, January 07, 2010 10:41 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] SSL no longer responds after upgrading from ISA 2004 ->2006 Hello again, I long ways back, we upgraded our ISA 2004 to ISA 2006 Enterprise and things seemed to go just fine until we tried getting the SSL stuff working. In 2004, what we did previously was export our cert from our internal web server and installed it on our ISA Server. Then we simply published another web server (1 regular and 1 secure), so we had 1 listener for our regular Port 80 and another listener for Port 443. After upgrading to ISA 2006, no matter what I tried, I couldn't get the cert recognized to save my life. Just a FYI, we couldn't run the upgrade from 2004 to 2006, because we were trying to upgrade from Standard to Enterprise. With that said, in order to install 2006, I had to first uninstall 2004 and install 2006 fresh. My question is: What is different about 2006 when it comes to certs? Must I generate the key and install the actual cert on the ISA Server itself? Since this is usually done from within IIS, can I generate a key within Windows Server 2003 itself since IIS won't be running on the ISA Server? This is where I am very confused... Any help would be greatly appreciated :) Thanks, Mike