• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Multiple SSL Web Sites

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> Multiple SSL Web Sites Page: [1]
Login
Message << Older Topic   Newer Topic >>
Multiple SSL Web Sites - 27.Jan.2006 2:37:44 AM   
j*m*r

 

Posts: 2
Joined: 27.Jan.2006
Status: offline
We have OWA up and running in back of ISA2004.  We are adding another web-enabled app to the OWA server.  The new website has its own virtual ip.  I added the new website & ip to the hosts file on ISA and put a route in the route table.  When I try to create a new listener, using the new certificate, I get an error that I have overlapping ip address and port pairs.  What gives?  I can't use a wildcard cert -- we're already committed to the name on the OWA cert and can't change it.  And the vendor is coming on Monday to install the new app.
Post #: 1
RE: Multiple SSL Web Sites - 27.Jan.2006 2:57:45 AM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
Did you bind a new IP address to the TCP/IP stack on the ISA Server?

If so, did you change the original listener to listen only on the first IP address? On the Networks tab of the listener, edit the 'External' network object to only listen on one IP.

(in reply to j*m*r)
Post #: 2
RE: Multiple SSL Web Sites - 27.Jan.2006 5:33:19 PM   
j*m*r

 

Posts: 2
Joined: 27.Jan.2006
Status: offline
We have Cisco content switch modules on either side of our two ISA machines.  The outer CSM has a virtual ISA address for OWA (for load balancing) and another for the new application.  The ISAs don't know anything about the virtual addresseses, just their own physical addresses.

(in reply to j*m*r)
Post #: 3
RE: Multiple SSL Web Sites - 28.Jan.2006 1:09:20 AM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
If the content switches can perform port translation on the incoming traffic, then you could just create another ISA Web Listener on a different port. Otherwise, you'll have to add another IP to ISA to get another Web Listener on 443. ISA can only have 1 certificate per IP:Port combo. You can use wildcard certs, but they have to be the same domain name, and some commercial CAs don't issue them.

(in reply to j*m*r)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> Multiple SSL Web Sites Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts