Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SSL Guidence/Installation
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SSL Guidence/Installation - 23.Jan.2006 8:18:38 PM
|
|
|
ranweb
Posts: 25
Joined: 20.Jan.2006
Status: offline
|
I am asking for any assistance in the understanding of SSL Installation/Management for a public website that is in the DMZ or perimeter network.
Currently, my configuring for the website is Internet--ISA--Perimeter (Website). I'm needing to install a SSL for the entire site (www.company.com) which is on a web server on the perimeter network. The site is up and running; however, I need the SSL for a few application to work.
I'm about to work with Verisign; however, I'm wondering about the CSR generation for the SSL Certificate... do I generate it from the webserver in the DMZ or do I generate it from the ISA Server???
Ranweb
|
|
|
|
|
RE: SSL Guidence/Installation - 24.Jan.2006 4:44:56 AM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ran,
If you're going to use SSL to SSL bridging, you can run it from ISA firewall, then you can fry up your own certificate to bind to the published Web site.
I think i wrote an article for TechProGuild on how to do this, but I don't know if they put it up yet.
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: SSL Guidence/Installation - 24.Jan.2006 4:50:00 AM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ranweb,
Nope, I didn't write it for them, I wrote it for ISAserver.org, however it has not yet been published. Write to me and I'll send you the article series.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: SSL Guidence/Installation - 26.Jan.2006 5:18:01 PM
|
|
|
ranweb
Posts: 25
Joined: 20.Jan.2006
Status: offline
|
Tom,Thanks for the information. These are great articles. I do have a comment/question. The article primarly focuses on OWA and the use of Private Certs within the LAN. In your example, you use a CA in the same LAN that the OWA server is in. In my scenario, I am trying to perform this same process; however, its with a Web Site and the Web site is in the DMZ, not in the LAN. Do I need to put CA on a box running in the DMZ? The two computers in the DMZ consit of an IIS and a SQL server which is in a workgroup, they don't belong to a domain. - Can I use the scenario in your article and apply it to my environment?
- Can I use a CA in a work group environment, what are the pro's and con's?
- Would I be able to use an internal LAN CA for the IIS in the DMZ?
Randy
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
