• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!! Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!! - 10.Jan.2007 10:45:36 AM   
djmasters

 

Posts: 10
Joined: 25.Jan.2004
Status: offline
The reading is getting depressing....

Scenario:
Single NIC ISA2006 in a DMZ
Need to publish multiple SSL sites (have the 2004 article handy)
Have two certs, *.domain.com & mobile.domain.com
Currently ISA is only publishing OWA using the mobile.domain.com cert
We have Windows Mobile 5 phones.

So, from what I gather from the reading, I should use the wildcard cert for the Web Listener cert and I could use the mobile cert for the OWA to ISA connection (or a self created cert).   That all sounds well & good until I throw WM5 into the mix.   Again from the reading, it sounds like WM5 is going to puke, unless I disable the cert validation.

Am I missing something or am I just good & hosed?

Could the ISA box deal with two Web Listeners on the same port if it had two IP addresses?  I'll assume not since that could be an easy remedy to this well documented problem.
Post #: 1
RE: ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!! - 10.Jan.2007 9:26:28 PM   
djmasters

 

Posts: 10
Joined: 25.Jan.2004
Status: offline
Would this help me?   I know it might not be optimal, but it beats having to build a second ISA server, which is what I'm afraid I might have to do!!

http://forums.isaserver.org/Mulitple_SSL_ports_on_a_listener%3f/m_2002035491/tm.htm


(in reply to djmasters)
Post #: 2
RE: ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!! - 16.Jan.2007 11:11:30 AM   
djmasters

 

Posts: 10
Joined: 25.Jan.2004
Status: offline
So, 50 hits & 7 days later no one saw fit to tell me how easy this was to resolve? 


Yes, it really is as simple as adding another IP address to the NIC and having the individual HTTPS listeners (with their respective certs) on different IPs.   The only snag we hit was traffic may come "into" ISA on address 2, but it will always appear to be coming back out on address 1.

(in reply to djmasters)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA2006 + OWA + WM5 + Wildcard Cert = Good Grief!! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts