• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Publishing OWA (Exchange 2010) with ISA 2004 over SSL

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Publishing OWA (Exchange 2010) with ISA 2004 over SSL Page: [1]
Login
Message << Older Topic   Newer Topic >>
Publishing OWA (Exchange 2010) with ISA 2004 over SSL - 6.Jan.2010 5:31:35 PM   
hostethomas

 

Posts: 2
Joined: 6.Jan.2010
Status: offline
Hello,

I've been searching the Internet for hours, but I can't find the reason why this is not working at all:
I have a Windows 2008 RC2 64bit Exchange 2010 Server and a...
Windows 2003 SP2 ISA 2004 (SP2) firewall

I want to publish the OWA (on the Exchange 2010 server) over SSL. No problems on the inside but...when I try to create a web listener on my ISA 2004, it tells me "there is no certificate". I've tried all kinds of methods to export and import the certificate of my Exchange 2010...nothing works, the ISA 2004 doesn't recognise my certificate. When I check the installed certificateds (with mmc --> certificate manager), I find the certificate of my Exchange 2010. I've copied it everywhere...

My question: could there be a incompatibility between Windows 2008 RC2 certificates and Windows 2003 ISA 2004?

Thanks so much for your answer and maybe for a solution,

Greetings,

Thomas Hoste
Post #: 1
RE: Publishing OWA (Exchange 2010) with ISA 2004 over SSL - 6.Jan.2010 8:26:55 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Hi Thomas,

How did you issue the certificates, from an internal CA or from a public CA?

ISA Server 2004 doesn't support SAN certificates, so this may be your issue...

http://blogs.technet.com/isablog/archive/2007/08/29/certificates-with-multiple-san-entries-may-break-isa-server-web-publishing.aspx

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to hostethomas)
Post #: 2
RE: Publishing OWA (Exchange 2010) with ISA 2004 over SSL - 7.Jan.2010 5:40:34 AM   
hostethomas

 

Posts: 2
Joined: 6.Jan.2010
Status: offline
Hello JJ,

First of all, thanks a lot for answering that quickly!
I've read the artikel you've send to me, but I don't think that's our problem...
Right now, I'm at work again and I can tell you the exact message on our ISA.  When I try to create a web listener for SSL, the ISA 2004 tells me (on hitting the button "select"): "There are no certificates configured on this server". 

And to answer your question: the issue comes from a internal CA (it is generated automatically (?) by our Exchange 2010).  Maybe I have to create a new certificate and add that to our Exchange 2010?  Any idea how?  It's the first time I work with certificates and ISA, so pardon me for silly questions :) . 

Thanks for your reply and help,

Greetings,

Thomas

(in reply to hostethomas)
Post #: 3
RE: Publishing OWA (Exchange 2010) with ISA 2004 over SSL - 7.Jan.2010 7:10:16 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

check this article for troubleshooting certificates on ISA: http://www.isaserver.org/tutorials/Implementing-Troubleshooting-Certificate-Deployment-ISA-Server-2006.html


and this one for how to publish Exchange 2010 on ISA 2006 SP1. Even though, you´re using ISA 2004, this may help either:
http://msexchangeteam.com/archive/2009/12/17/453625.aspx

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to hostethomas)
Post #: 4
RE: Publishing OWA (Exchange 2010) with ISA 2004 over SSL - 7.Jan.2010 9:18:05 AM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
Aside from ISA not supporting SAN certificates (which you’ll quickly find out after you can find the certificate) and you possibly not exporting the correct format; when importing the proper certificate into ISA’s certificate store, you need to be sure that you are importing into the correct certificate store. When you run the mmc and add the Certificates snap-in; you will be prompted to which certificate store would like to manage. (My user account, Service  account and Computer account) If  the ISA FW service is running under the Local Service account, then that is the one you need to be using; otherwise, you will not see the imported certificate when you try to bind it to a Web Listener.

HTH

RB  


_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to hostethomas)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Publishing OWA (Exchange 2010) with ISA 2004 over SSL Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts