I have been using a private certificate on the ISA listener for OMA for several months. Due to issues with some Smartphones I have decided to purchase a commercial certificate. I purchased this certificate from Go Daddy and installed it on to the ISA server as addressed in several articles on this site as well as on Microsoft's site. When I go to the appropriate web listener I can not see this commercial certificate. I only see the ones that I generated from our private CA server. What can I be doing wrong? Why does this process have to be so difficult?
I have even purchased Dr Tom's ISA Server 2004 book but can find no answer to this issue.
Thanks Ray but my problems are never that easy. I must admit that I find most of my answers on this website but nothing has clued me in on this error. I can see the cert under my personal folder in the certificate management console. The root server is listed in the Tursted Root Certification Authorities. I just does not appear in the list of certificates that are available to listener for the SSL port.
Just learned an expensive lession. It's all about sequencing. For OMA or Exchange Active Sync you need to first create the certificate request form IIS (for us it was on our lone exchange server). Submit the cert request to the Commercial CA. Apply the certificate recieved from the Commercial CA to the IIS server. Export the cert from the IIS server (with keys) and import into the ISA server.
Are you publishing both OWA and OMA (ActiveSync)? If so, how did you set it up? I am struggling with the same issue. I want to get a commercial cert from verisign, but can't figure out how to apply it to ISA so that both Form-Base authentication and basic authentication can work. I orgingally set up my ISA - Exchange relationship by following the steps in this article:
Here's the Key... you need to setup a listener for OWA and a seperate one of OMA. I set mine up as two different Web addresses and created a certificate for each one. I am using a comercial certificate for the OMA (Active Sync) and self generated certificate for OWA. Here's my email address if you want more specific details: email@example.com
I'm not sure how to apply the commercial certificate to IIS, since all I got from them was a string of text (I saved it in a *.cer file) I know how to import this .cer file into the certificates MMC snapin, but I don't think that's the answer I'm looking for, right?