Hi! I'm wondering if it is possible. When I publish a secure web site with ISA 2004 I have a choice of SSL bridging and SSL tunneling. ISA 2006 does not have an option "Publish secure website", instead I can configure an SSL listener and make the website secure by using SSL. But here I have only a choice of a chain client-to-ISA-to-IIS that can be HTTP-HTTP, HTTP-SSL, SSL-HTTP and SSL-SSL. Do I really cannot make a tunnel when a client certificate provided by the client is passed directly to IIS so IIS can determine a domain username, to which this certificate is mapped. Right now ISA does identify the domain user, but I cannot pass the certificate further to IIS. Please, help! Thank you!