Discussion about article on Web Listeners for Autodiscover Service (Full Version)






tshinder -> Discussion about article on Web Listeners for Autodiscover Service (10.Sep.2007 12:34:37 PM)

This thread is for discussing the article on Web Listeners for the autodiscover service at XXX

Thanks!
Tom




vapor-trails -> RE: Discussion about article on Web Listeners for Autodiscover Service (14.Sep.2007 9:29:40 AM)

Good Morning Tom!

Can you expand on this article with respect to having a site certificate that supports Subject Alternate Names?  I noticed in the article that you've chosen two different website IPs with two different digital certificates.

Wouldn't this work with 1 IP and 1 certificate assuming that the certificate supports Subject Alternate Names?

-Vapor-Trails




tshinder -> RE: Discussion about article on Web Listeners for Autodiscover Service (17.Sep.2007 7:52:42 AM)

Hi VT,

No, that will not work because the clients aren't able to "consume" the SANs.

HTH,
Tom




vapor-trails -> RE: Discussion about article on Web Listeners for Autodiscover Service (17.Sep.2007 8:21:15 PM)

I am not sure I follow you.  Could you be more specific?  Thanks!




tshinder -> RE: Discussion about article on Web Listeners for Autodiscover Service (18.Sep.2007 6:53:40 AM)

The ISA Firewall presents the certificate to the clients. Since the clients aren't able to use the SANs, they won't work.

HTH,
Tom




vapor-trails -> RE: Discussion about article on Web Listeners for Autodiscover Service (18.Sep.2007 4:26:54 PM)

I am not sure I understand why the client wouldn't be able to use SANs.  There are 3 providers (probably more) that I know of that will be in the trusted certificate list (Verisign, Thawte, GoDaddy, etc.).

If I am publishing "mobile.E2K7domain.com" to 13.13.13.13 and "autodiscover.E2K7domain.com" to 13.13.13.13, all while using a wildcard cert, why wouldn't ISA 2006 properly set up the SSL and then pass it on to CAS?

-Vapor-Trails




tshinder -> RE: Discussion about article on Web Listeners for Autodiscover Service (19.Sep.2007 7:20:54 AM)

The wildcard cert is using the subject name field, that's why that works.

The clients don't "consume" the SAN fields.

HTH,
Tom
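
An added illustration (not part of the original thread and not ISA Server or Outlook code) of the distinction drawn in the reply above: a client that compares the requested host name only with the certificate's subject CN, next to one that reads the SAN dNSName entries as RFC 2818 describes. The certificate dictionaries and function names are hypothetical; the host names are the ones used in the thread.

```python
# Constructed certificate name data; no real certificate is parsed here.
WILDCARD_CERT = {"subject_cn": "*.E2K7domain.com", "san_dns": []}
SAN_CERT = {
    "subject_cn": "mobile.E2K7domain.com",
    "san_dns": ["mobile.E2K7domain.com", "autodiscover.E2K7domain.com"],
}
PUBLISHED_HOSTS = ["mobile.E2K7domain.com", "autodiscover.E2K7domain.com"]


def name_matches(pattern, host):
    """Case-insensitive DNS match; '*' counts only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]  # reject overly broad '*.com'
    return p == h


def cn_only_match(cert, host):
    """Model of a client that looks at the subject CN and ignores SAN entries."""
    return name_matches(cert["subject_cn"], host)


def san_aware_match(cert, host):
    """RFC 2818 order: dNSName SANs are used if present, otherwise the CN."""
    sans = cert.get("san_dns") or []
    if sans:
        return any(name_matches(n, host) for n in sans)
    return name_matches(cert["subject_cn"], host)


def listener_coverage(cert, hosts):
    """For each published host, report which client model accepts the cert."""
    return {
        h: {"cn_only": cn_only_match(cert, h), "san_aware": san_aware_match(cert, h)}
        for h in hosts
    }


if __name__ == "__main__":
    for label, cert in (("wildcard", WILDCARD_CERT), ("SAN", SAN_CERT)):
        for host, result in listener_coverage(cert, PUBLISHED_HOSTS).items():
            print(f"{label:8} {host:30} {result}")
```

With one listener and one certificate, the wildcard subject is accepted for both names by both client models, while the SAN certificate's second name is accepted only by the client model that reads the SAN extension.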




jazzer -> RE: Discussion about article on Web Listeners for Autodiscover Service (17.Oct.2007 11:12:12 AM)

Hi Tom,

1.
I read your article and all the other articles on msExchangeTeam, msExchangeOrg and TechNet. To publish Exchange 2007 with ISA 2006, it never makes sense to take a UC certificate or a certificate with SANs. Is this right? The ISA can only consume the first CN in the cert; it is one match, like a normal cheap webserver certificate? All other names in the cert break the ISA.
Is there a reason to take a SAN cert instead of a normal cert when I publish ex07 with isa06?

Is a fix for the ISA 06 SAN problem in the pipeline? (I know about the fix for Outlook 2007, the SRV record.)

2.
Would it work if I publish all the Ex07 URLs with the autodiscover.domain.com/owa, ./rpc URLs instead of owa.domain.com? With this I only need 1 IP and 1 SSL cert. Does it resolve all the problems?

Regards Stive




tshinder -> RE: Discussion about article on Web Listeners for Autodiscover Service (18.Oct.2007 9:47:43 AM)

Hi Stive,

1. I don't think so, they might in the next version.

2. Not sure this will work, because of the authentication requirements.

HTH,
Tom



