Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SSL 'no certificates are configured on this computer'
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SSL 'no certificates are configured on this computer' - 12.Jun.2002 11:14:00 PM
|
|
|
djc
Posts: 87
Joined: 15.Apr.2002
Status: offline
|
SSL connection from external client to ISA, then ISA bridges SSL request as HTTP. This works with NO problem. I configured my Incoming web listener to use a server certificate with NO problem.
THEN:
I decide to make it even more secure by bridging the SSL request as another SSL request to the internal server. (SSL all the way.. end to end..i know it's 2 separate SSL connections)
However when I tried to tell ISA via the web publishing rule to use a certificate i get this error:
'there are no certificates configured on this server'
This occurs on the bridging tab of the publishing rule at the bottom below the check box labeled:
'Use a certificate to authenticate to the SSL web server' when I hit the 'select' button to select a certificate to use.
how come I select a certificate w/ no problem for the incoming web listener but not here? what am I missing?
Thanks
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 14.Jun.2002 6:47:00 AM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi David,
IIRC, you need to add the cert to the Web Proxy service account to get this to work.
Lemme know how that works for you.
HTH,
Tom
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 14.Jun.2002 3:00:00 PM
|
|
|
djc
Posts: 87
Joined: 15.Apr.2002
Status: offline
|
how do i specifically add the cert to that account? (this is obviously my first time working with certificates)
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 14.Jun.2002 7:46:00 PM
|
|
|
djc
Posts: 87
Joined: 15.Apr.2002
Status: offline
|
thanks for the reply tom,
i'm not sure what you mean though. can you elaborate a little please? The web proxy service is running under the local system account on my isa box.
Thanks
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 14.Jun.2002 8:16:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi David,
You have to use the Certificates snap-in and have the Web Proxy service add the cert to the certificate store.
HTH,
Tom
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 15.Jun.2002 12:58:00 AM
|
|
|
djc
Posts: 87
Joined: 15.Apr.2002
Status: offline
|
ok.. I know what you mean now... for anyone else who wants info on that its in Q281106.
On the Bridging tab of a web publishing rule you can select the 'Use a certificate to authenticate to the SSL Web server check box, and then click Select if you decide to bridge ssl as ssl. right, right, thats what the original post was about. Now that that is solved please answer this: IS THAT REQUIRED TO BRIDGE AS SSL TO THE INTERNAL SERVER????? OR IS IT OPTIONAL?
please lay this one to rest for me.
Thanks
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 15.Jun.2002 3:21:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi David,
Yes, if you want to bridge SSL as SSL, you need to select that option. The reason for this is that a completely new SSL session is created from the ISA Server to the internal network server.
HTH,
Tom
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 16.Jun.2002 4:49:00 PM
|
|
|
djc
Posts: 87
Joined: 15.Apr.2002
Status: offline
|
Thank you for clearing that up for me tom!
However, I am still getting the 'no certificates are configured on this computer' error when I hit the 'select' button though. I DID import my cert from the internal web server into the W3Proxy\Personal\Certificates folder as per Q281106. still no luck. I'm really not sure where to go from here now. I exported the same cert from the web server as I did for the incoming web listener and imported it into ISA, only into the W3Proxy\Personal\Certificates folder. I exported the private key w/ it both times. Did I do something wrong?
-DJC
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 16.Jun.2002 7:09:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi David,
What you need a client certificate in the Web Proxy certificate store. The client certificate should be issued from a certificate server that is trusted by the internal Web server.
HTH,
Tom
|
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 21.Jun.2002 6:47:00 AM
|
|
|
JohnnyQuest
Posts: 5
Joined: 27.Apr.2002
From: West Plains Missouri
Status: offline
|
So call me silly but how do i easily get to
Q281106
(i dont see the search topics box)
or better how do i create a cert on the ISA to
allow IUSR to connect SSL to ISA?
I dont feel i need SSL internally (or do i?)
(would it not take twice as long -- especiallly
at higher encryption settings ?)
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 21.Jun.2002 6:58:00 AM
|
|
|
JohnnyQuest
Posts: 5
Joined: 27.Apr.2002
From: West Plains Missouri
Status: offline
|
Ok i found my glasses!
disregard the search box request.
|
|
|
|
RE: SSL 'no certificates are configured on this computer' - 23.Jul.2002 10:47:00 PM
|
|
|
Darik
Posts: 87
Joined: 28.May2002
Status: offline
|
Tom:
Can you pls more leborate this:
What you need a client certificate in the Web Proxy certificate store. The client certificate should be issued from a certificate server that is trusted by the internal Web server.
we normally have one certificate which is installed on Web Server or you mean We need to use the certificate only which we got from certificate athority as response called public key only, but if i configured this it does not show under bridging tab , I only got this when I import the same certificate with private key which I have configured in incoming listner
Thanks
D
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
