Welcome to ISAserver.org
"there are no certificates configured on this server" on ISA 2004
"there are no certificates configured on this serv... - 18.Jul.2004 1:20:00 PM
zamirl
Posts: 94
Joined: 26.Mar.2002
From: Bat-Yam, Israel
Status: offline
I'm testing SSL bridging with ISA 2004. I exported the certificate with the private key from the published OWA 2003 web site, and imported it to both the user personal and computer personal certificate stores.
When I configure the listener, it allows me to select the imported certificate; however, when I go to the bridging tab of the publishing rule and want to set it to "use a certificate to authenticate to the SSL web server", it says "there are no certificates configured on this server".
This is very strange, and it used to work great with ISA 2000. I already tried to close and reopen the ISA 2004 management console.
Can someone assist?
Liran
RE: "there are no certificates configured on this ... - 18.Jul.2004 3:53:00 PM
zamirl
Posts: 94
Joined: 26.Mar.2002
From: Bat-Yam, Israel
Status: offline
OK
I noted my mistake: the certificate box is probably intended for when client certificate authentication to the web server is required.
The publishing problems I had were partially caused by not supplying the FQDN in the published server name (the target server).
Yet, I got another problem. If I configure the listener for the use of the certificate, and set the listener for no authentication at all, it actually forwards the request via SSL to the OWA server and I get the form based authentication that I enabled on the Exchange server.
If I set the form based authentication on the listener, I get the form based authentication, but after the form is confirmed, my client browser is getting the URL: https://owa.r2d2.com/CookieAuth.dll?Logon
and it shows: Unknown Request The request could not be resolved by the server
Any ideas?
RE: "there are no certificates configured on this ... - 18.Jul.2004 4:29:00 PM
zamirl
Posts: 94
Joined: 26.Mar.2002
From: Bat-Yam, Israel
Status: offline
Faster than a speeding bullet
It seems that I was able to resolve the problem, but I would like your confirmation regarding the configuration.
1. Exchange 2003, with Stand Alone created web certificate on the default web site.
2. The Certificate was exported with the private key and imported to the machine store on the ISA 2004.
3. I configured the Exchange HTTP Virtual server with form based authentication, and later I found out that it caused some of my problems, so I disabled it.
4. I created a secure mail server publishing rule for OWA. I configured the published server name as: owa.r2d2.com and made sure to put an entry in the ISA server hosts file to point this FQDN to the internal IP address of the Exchange server.
5. I configured the web listener to listen on the external adapter on port 443 with the certificate that was imported from the default web site. I set the authentication to "form based auth."
6. In the Publishing rule "Bridging" tab, I only selected the redirect request to SSL port, without an authentication certificate, while the "public name" tab contained the external name of the site (owa.r2d2.com) and the "Paths" tab contained the paths (/exchange/* and so on).
This was pretty much hell. I'm sure that there is better documentation, but I did not get to it.
I would like to put this into an article, but I would like you to confirm that what I did is OK.
Thanks
Liran
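
Added example (not part of the original post, and not from the ISA 2004 kit): a pre-check for steps 2 and 4 above, run in Windows PowerShell on the ISA machine. It confirms that a certificate named for the published host sits in the computer's Personal store with its private key, and that the hosts file maps that name to the internal Exchange address. `$InternalIp` is a placeholder, since the thread does not give the address.

```powershell
# Added example. Assumes Windows PowerShell is installed on the ISA machine.
$PublishedName = 'owa.r2d2.com'   # published server name used in the thread
$InternalIp    = '192.0.2.10'     # placeholder: internal IP of the Exchange server

# Step 2: look in the computer (not user) Personal store for a certificate
# whose simple name (normally the subject CN) equals the published name.
$now  = Get-Date
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.GetNameInfo('SimpleName', $false) -eq $PublishedName } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1

$hasKey   = [bool]($cert -and $cert.HasPrivateKey)   # false if exported without the key
$validNow = [bool]($cert -and $cert.NotBefore -le $now -and $cert.NotAfter -ge $now)
$thumb    = $null
if ($cert) { $thumb = $cert.Thumbprint }

# Step 4: collect every IP the hosts file assigns to the published name.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$hostsIps  = @(
    Get-Content -Path $hostsPath |
        ForEach-Object { ($_ -replace '#.*$', '').Trim() } |   # drop comments
        Where-Object { $_ } |                                   # drop blank lines
        ForEach-Object {
            $fields = $_ -split '\s+'
            $names  = @($fields | Select-Object -Skip 1)        # host names after the IP
            if ($names -contains $PublishedName) { $fields[0] }
        }
)

# Summary: every boolean should be True before creating the publishing rule.
New-Object PSObject -Property @{
    CertFound         = [bool]$cert
    HasPrivateKey     = $hasKey
    WithinValidity    = $validNow
    Thumbprint        = $thumb
    HostsEntryIps     = ($hostsIps -join ', ')
    HostsPointsInside = ($hostsIps -contains $InternalIp)
}
```
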
RE: "there are no certificates configured on this ... - 19.Jul.2004 10:47:00 PM
tshinder
Posts: 47644
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Liran,
Did you check out the ISA 2004 Exchange Kit? It might have made things a lot easier for you:
www.msfirewall.org/isa2004kits.htm
HTH, Tom