I wish to publish multiple secured OWA servers using an ISA server that has a single external IP address. On my way to performing the configuration, I realized that I cannot bind more than one certificate to the Web listener. I have one OWA server already published on 443 from our test environment and now want to publish OWA in the production environment. I installed two certificates in the ISA certificate store, but when I created another web listener the other certificate was not listed. Is this a limitation of ISA? If yes, then I guess the following hotfix should address the same:
There are two issues here:
1. You cannot use multiple certificates on a single IP.
This is not a limitation of ISA, but rather one of the limitations of SSL. Your only option would be to publish webmailtest.company.com and webmailprod.company.com using a wildcard SSL certificate. (i.e. one registered to *.company.com)
2. The certificate is not showing in the ISA console when you create a new listener.
There are a couple of reasons that certificates do not show up when you create a new listener, either:
a) There is no private key associated with the certificate (ISA 2004 detects this and does not list the cert at all - ISA 2006 detects this and lists the cert but with an error)
b) There is a problem with the certificate chain, and the certificate is not trusted by the ISA server (normally caused when the certificate has been issued from an intermediate root, and the intermediate root certificate has not been installed on the ISA)
c) You have only just installed the certificate and the ISA console has not refreshed. Close the console, and re-open it.
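
Causes (a) and (b) from the answer above can be checked directly against the machine certificate store. The script below is an added example, not part of the original thread; it assumes PowerShell 2.0 or later is available on the ISA server, uses the two hostnames from the answer as the names to test, and compares only the certificate's common name (not subject alternative names).

```powershell
# Added example: audit Cert:\LocalMachine\My for the listener problems described above.
# $publishedNames holds the hostnames from the answer; adjust to the names you publish.
$publishedNames = @('webmailtest.company.com', 'webmailprod.company.com')

function Test-NameMatch {
    param([string]$Pattern, [string]$HostName)
    # A wildcard covers exactly one left-most label: *.company.com matches
    # webmailtest.company.com, but not a.b.company.com and not company.com.
    if ($Pattern.StartsWith('*.')) {
        $suffix = $Pattern.Substring(1).ToLower()          # ".company.com"
        $name   = $HostName.ToLower()
        if (-not $name.EndsWith($suffix)) { return $false }
        $label = $name.Substring(0, $name.Length - $suffix.Length)
        return ($label.Length -gt 0 -and -not $label.Contains('.'))
    }
    return ($Pattern -ieq $HostName)
}

Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_

    # (b) Build the chain to a trusted root. Revocation checking is switched off
    # here so the result reflects missing intermediates or untrusted roots only.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $chainOk = $chain.Build($cert)
    $chainErrors = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    # Common name of the certificate, compared against each published hostname.
    $cn = $cert.GetNameInfo(
        [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)
    $covered = $publishedNames | Where-Object { Test-NameMatch $cn $_ }

    New-Object PSObject -Property @{
        CommonName    = $cn
        Thumbprint    = $cert.Thumbprint
        HasPrivateKey = $cert.HasPrivateKey        # (a) False means no key is attached
        ChainTrusted  = $chainOk
        ChainErrors   = $chainErrors
        Covers        = ($covered -join ', ')
        NotAfter      = $cert.NotAfter
    }
} | Select-Object CommonName, HasPrivateKey, ChainTrusted, ChainErrors, Covers, NotAfter, Thumbprint |
    Format-List
```

A certificate that reports `HasPrivateKey : False` or a non-empty `ChainErrors` value corresponds to cause (a) or (b) respectively; an empty `Covers` value means its common name matches neither published hostname.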