http://www.ISAserver.org ------------------------------------------------------- Well, that question was answered. You can use any non-corrupted, server authentication certificate *on the ISA itself*, so long as it's installed properly with the private key *and* the issuing CA certificate is listed in the trusted roots store. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers Sent: Tuesday, June 20, 2006 07:48 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: Wildcard Certificates Well, can Wildcard Certs from an internal Ca be used for RPC over HTTP then? ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Monday, June 19, 2006 9:59 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: Wildcard Certificates Hi Tom, That won't generate a 500 error. Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers Sent: Monday, June 19, 2006 8:42 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Wildcard Certificates Tom, In your article entitled "Publishing Multiple Web Sites using a Wildcard Certificate in ISA Server 2004" at this link "isaserver.org/tutorials/2004wildcardcert.html", you don't mention anything about remote client configuration. If you use a Wildcard Certificate from an INTERNAL network CA, this internal network CA will not be on the remote machine's Trusted Root Certificate Store - so how do you avoid getting a 500 error on the remote client because of this? Thanx, -TRogers All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx