[isalist] Re: SSL no longer responds after upgrading from ISA 2004 ->2006
- From: "Mike Anderson" <mike@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 8 Jan 2010 09:56:49 -0600
Hello there,
That is precisely the information I was looking for - so thank you for
clearing that up J
I am sure I will have more questions later this morning regarding this,
so please stay tuned - I have to do the upgrade to 2006 tomorrow evening
and I have no option for failure. That SSL Cert is the life-blood to
this company, and when https is not working, they literally are losing
money every minute it's not working. Pretty scary position for somebody
like me to be in, considering this entire task falls on my shoulders
exclusively.
Again, thank you ALL for all your incredible help - we are indeed lucky
to have a resource like this list available.
Mike
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jerry Young
Sent: Friday, January 08, 2010 8:15 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: SSL no longer responds after upgrading from ISA
2004 ->2006
Mike,
My apologies; I hit the send button too soon. (O.o)
In answer to your question about CSR generation, if you're going to be
installing a certificate on the ISA Server and only plan on using it
there, you're going to have to create the CSR via IIS on another server.
Once you get the certificate back from your chosen certificate
authority, you'll have to install it on the surrogate IIS box, export it
with the private key, and then import it into ISA Server.
On Thu, Jan 7, 2010 at 9:36 PM, Mike Anderson <mike@xxxxxxxxxxxx> wrote:
Hello again,
I long ways back, we upgraded our ISA 2004 to ISA 2006 Enterprise and
things seemed to go just fine until we tried getting the SSL stuff
working.
In 2004, what we did previously was export our cert from our internal
web server and installed it on our ISA Server. Then we simply published
another web server (1 regular and 1 secure), so we had 1 listener for
our regular Port 80 and another listener for Port 443.
After upgrading to ISA 2006, no matter what I tried, I couldn't get the
cert recognized to save my life. Just a FYI, we couldn't run the upgrade
from 2004 to 2006, because we were trying to upgrade from Standard to
Enterprise. With that said, in order to install 2006, I had to first
uninstall 2004 and install 2006 fresh.
My question is: What is different about 2006 when it comes to certs?
Must I generate the key and install the actual cert on the ISA Server
itself? Since this is usually done from within IIS, can I generate a key
within Windows Server 2003 itself since IIS won't be running on the ISA
Server?
This is where I am very confused...
Any help would be greatly appreciated J
Thanks,
Mike
--
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer
www.youngcss.com <http://www.youngcss.com/>
________________________________
avast!/SMTP2000 Antivirus: Inbound message clean.
Virus Database (VPS): 1/7/2010
Tested on: 1/8/2010 08:16:09 -0500
avast! - copyright (c) 1988-2010 ALWIL Software.
Other related posts:
