• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Publishing OWA and ActiveSync with different certificates?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Publishing OWA and ActiveSync with different certificates? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Publishing OWA and ActiveSync with different certificates? - 30.Mar.2006 5:07:29 PM   
truet

 

Posts: 1
Joined: 27.Mar.2006
Status: offline
I'm in the process of implementing access to the internal Exchange 2003 server with the help of ISA 2004.

The ISA server contains of 2 NICīs where one represents the internal network and the other the public.
The public interface is configured with 2 public IP-adresses. My intention is to use one of these adresses for OWA and the other for ActiveSync etc.
I have set up this environment for test using my own internal Certificate server for publishing the certificates.
On this Cert-server I created 2 certs, one for owa and the other for ActiveSync.
Since forms-based authentication doesn't work with ActiveSync I enabled to listeners on the ISA server where one listens to forms-based auth on the first public ip (with cert 1), and the other listens to basic auth on public ip 2 (with cert 2).
OWA works just fine, but with mobile units the lack of Trusted root cert makes it difficult to administer.

So now i am thinking about requesting a Trusted root certificate and that's where my question comes up.

I want to use one certificate (would like to use my own internal certificate server for this one) for the OWA (owa.mydomain.com).
Then I would like to use another cert (from a public trusted ca) for users with ActiveSync (mobile.mydomain.com)
Since I cannot use the same certificate for both owa and activesync (i need separate certs for the different IP-adresses on the public interface) i am confused with how to implement this.

On the IIS on the Exchange server you can use only one certificate at a time(?).
If I want to issue a certificate for a Trusted CA, i figure one must do this through the IIS on Exchange?
Is it possible to make a request for the cert on the IIS and when this is done, switch back to use my own internal cert? And then just put this newly requested Trusted root cert on the ISA server on the listener for ActiveSync?

Anyone know how I can solve this?
Post #: 1
RE: Publishing OWA and ActiveSync with different certif... - 4.Apr.2006 3:29:44 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Truet,

Check out this series:

http://www.isaserver.org/tutorials/Creating-Multiple-Security-Perimeters-Multihomed-ISA-Firewall-Part1.html

It will answer 99.6% of your questions. The other 0.4% you can ask here.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to truet)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Publishing OWA and ActiveSync with different certificates? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts