Welcome to ISAserver.org

Certificate

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 General ] >> Web Publishing >> Certificate

Page: [1]

Message

<< Older Topic Newer Topic >>

Certificate - 26.Sep.2008 11:09:59 AM

thepriest

Posts: 25
Joined: 27.Feb.2007
Status: offline

Hi,

Is it possible to have 2 certificate on ISA with a single nic? The one install right now is "name.subdomain.gc.ca" and my new one is "name-name.xxx-yyy.gc.ca"

What step are involved do make this happen?

Thanks

Post #: 1

Featured Links*

RE: Certificate - 27.Sep.2008 8:17:22 PM

Rotorblade

Posts: 1002
Joined: 27.Feb.2007
Status: offline

Yes - but you will need to assign another (secondary) IP to the NIC and create a second web listener to make it work.

The process: (short version)

. Assign a secondary IP to NIC
. Create a second Web Listener and bind the web listener to the secondary IP.
. Import the Certificate into the ISA Local Computer personal certificate store. (Be sure you import the certificate to the proper certificate store!)
. Bind the new certificate to the new web listener and IP.

HTH

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to thepriest)

Post #: 2

RE: Certificate - 29.Sep.2008 8:01:23 AM

thepriest

Posts: 25
Joined: 27.Feb.2007
Status: offline

Thank you very much for the response I will do that.

Cheer!

(in reply to Rotorblade)

Post #: 3

RE: Certificate - 29.Sep.2008 10:32:21 AM

thepriest

Posts: 25
Joined: 27.Feb.2007
Status: offline

Hi,

I added my new ip to the ISA Server and my new certificate. The problem am having is when I create a new "web listener" I can't choose my certificate only my old is showing up. I imported my cert in my personal and intermidiate store like my old one.

Help please

(in reply to thepriest)

Post #: 4

RE: Certificate - 29.Sep.2008 11:22:12 AM

Rotorblade

Posts: 1002
Joined: 27.Feb.2007
Status: offline

[
quote]
The problem am having is when I create a new "web listener" I can't choose my certificate only my old is showing up. I imported my cert in my personal and intermidiate store like my old one.
[/quote]

Sounds like you're opening and saving to the wrong certificate store?

Are you?

Open a MMC session; click File, Add/Remove Snap-in�.
Click Add; click and select Certificates; click Add.
You should be prompted to select the account to manage the certificates for.

Select Computer account. If that does not work, try the Service account.

HTH
RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to thepriest)

Post #: 5

RE: Certificate - 29.Sep.2008 11:48:52 AM

thepriest

Posts: 25
Joined: 27.Feb.2007
Status: offline

Hello,

I fix my problem. Some one else create the cert for me. After doing some reading I I remember that the export file needs the personal key exported something my partner forgot to do.

< Message edited by thepriest -- 30.Sep.2008 11:42:08 AM >

(in reply to Rotorblade)

Post #: 6

RE: Certificate - 30.Sep.2008 11:43:52 AM

thepriest

Posts: 25
Joined: 27.Feb.2007
Status: offline

Hi,

Am getting this new error message when trying to create my new Web listener...
A web listener that listen on a similar IP and port is already in use by the rule "new web site". Web listener IP address and ports used by different rules cannot overlap.

Help!

(in reply to Rotorblade)

Post #: 7

RE: Certificate - 1.Oct.2008 7:22:50 PM

BBooth

Posts: 9
Joined: 22.Nov.2007
Status: offline

Hi,

You'll need to go check the existing web listener and make sure it's not binding itself to all available IP addresses.

This information can be found in the Networks tab of the Web Listener properties. Ensure the existing one is binding itself to the first IP address the ISA server had and not "All IP addresses in the selected network"

Hope this helps.
BB

(in reply to thepriest)

Post #: 8