Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Wilcard Certificate error
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Wilcard Certificate error - 7.Mar.2004 11:24:00 PM
|
|
|
larry_c_collins
Posts: 111
Joined: 5.Oct.2001
From: San Francisco, CA 94102
Status: offline
|
Hi Tom,
Thanks for all the work you've done on this site and others. Simply amazing!
I've recently setup a wilcard certificate for SSL web publishing per your doc on this site. I'm running ISA 2000 and it isn't a member server in my domain, not 2004, and I receive the error below once I get past the dialog box indicating that the certificate now has a valid name (thanks to the wilcard aspect).
I followed all of your instructions including the addition of the hosts file entry for this site on my ISA server. Again, I'm using ISA 2000 standard edition with the most current service pack
The error I recieve:
500 Internal Server Error - The certificate chain was issued by an authority that is not trusted. (-2146893019)
Internet Security and Acceleration Server
|
|
|
|
|
RE: Wilcard Certificate error - 7.Mar.2004 11:49:00 PM
|
|
|
larry_c_collins
Posts: 111
Joined: 5.Oct.2001
From: San Francisco, CA 94102
Status: offline
|
I avoid the 500 error when I set the web publishing rule to Redirect SSL requests as: HTTP requests (terminate the secure channel at the proxy).
What else should I do to enable the secure channel to go forward all the way to the internal website?
Also, I notice that you have to view the certificate and then install it on the client side to avoid having the SSL dialog reappear everytime you browse the site. Any way around this?
Thanks.
|
|
|
|
|
RE: Wilcard Certificate error - 8.Mar.2004 12:37:00 PM
|
|
|
tshinder
Posts: 47669
Joined: 10.Jan.2001
From: Texas
Status: online
|
Hi Larry,
Thanks!
In the Web Publishing Rule, is the redirect to the name that is contained on the Web site certificate on the Web site? You need to redirect to that name, not the IP address of the internal site. Check out article on the dreaded 500 error for details.
HTH,
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
