Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Web Bridging using SSL
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Web Bridging using SSL - 7.Dec.2006 10:48:14 AM
|
|
|
DanCodling
Posts: 9
Joined: 7.Dec.2006
Status: offline
|
Hi all,
I'm having some difficulty installing an SSL certificate for use with SSL bridging. When selecting a certificate, the dialogue box says I haven't any valid certificates installed. I've tried every combination of exporting the certificate from my front end server and importing into the ISA 2006 server.
For background info, I've created a certificate for use with the web listener, this works great, but I want to secure the traffic using SSL from the ISA server to the front end server.
Hope someone can help me!
Thanks all,
Danny
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 10:51:12 AM
|
|
|
Jason Jones
Posts: 2154
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
Make sure you set the context of the MMC snap-in to be "computer account" e.g. the local computer certificate store.
Also restart the ISA management console after importing...
JJ
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 11:15:26 AM
|
|
|
DanCodling
Posts: 9
Joined: 7.Dec.2006
Status: offline
|
Hi Jason, thanks for replying.
I have tried your suggestions. Still no joy. Maybe I am doing something wrong here:
1. On FE server, MMC, computer account, personal, export PFX (yes to export private key, select all three check boxes.
2. On ISA, MMC, computer account, personal, import, select PFX file, enter password.
3. Close/reopen ISA server console
4. OWA publishing rule, bridgeing, choose SSL certificate
Message, No valid certificates available.
I presume the above is correct. I have even tried restarting the ISA server.
Arghhhh,
Thanks
|
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 11:21:12 AM
|
|
|
Jason Jones
Posts: 2154
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
1. On FE server, MMC, computer account, personal, export PFX (yes to export private key, select all three check boxes.
2. On ISA, MMC, computer account, personal, import, select PFX file, enter password.
personal should be local computer
< Message edited by Jason Jones -- 7.Dec.2006 11:22:45 AM >
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 11:29:35 AM
|
|
|
DanCodling
Posts: 9
Joined: 7.Dec.2006
Status: offline
|
Hmm, I'm lost now.
On ISA server open MMC, add the certificates snap-in, select Computer account for the local computer, import the certificate into the personal folder? Is this what you are saying?
|
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 11:34:31 AM
|
|
|
DanCodling
Posts: 9
Joined: 7.Dec.2006
Status: offline
|
Thanks for the screenshots. I've done all this, but still the certificate does not show up. It does however show up as available for the web listener.
Thanks
|
|
|
|
|
RE: Web Bridging using SSL - 7.Dec.2006 11:37:24 AM
|
|
|
Jason Jones
Posts: 2154
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
Aha - your are getting confused with client certificates, these aren't needed for what you need - by using SSL bridging, you are ensuring a secure connections between ISA and Exchange.
SSL bridging should be set to use 443
< Message edited by Jason Jones -- 7.Dec.2006 11:39:10 AM >
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Web Bridging using SSL - 8.Dec.2006 4:21:12 AM
|
|
|
DanCodling
Posts: 9
Joined: 7.Dec.2006
Status: offline
|
Doh, penny has just dropped. Thank You. I now understand why I cannot do this.
However I have another question on the same lines as above.
WAN --- 3rd party firewall --- LAN, ISA2006, FE Exchange, BE Exchange
My isa server is configure with the network template for single adapter settings. My front end server is configured to require HTTPS connection. I've been through the exchange publiching wizard. The isa server cannot connect to OWA. It can if I stop the firewall service however.
Any suggestions, pointers?
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
