I will be publishing multiple web sites behind our ISA 2004 firewall (Win2K/SP4 Server). Recently, I purchased a wildcard certificate from Digicert. They provided the wildcard certificate (*.<mydomain>.com), an Intermediate Certificate (Digicert), and a Trusted Root Certificate (GTE Cybertrust). All these certificates have been imported in the local machine store on the ISA firewall using the MMC snap-in.
I have reviewed the Tom's well-documented article on using wildcard SSLs, but I get the sense that article is geared towards configuration is an OWA/Exchange/IIS environment. I donĂt use Exchange or IIS server, although, one of the web sites I will eventually publish will us IIS 6.0.
For my first attempt, IĂm creating a new Web Listener for secure e-mail web access. Although, when I get to the screen where I select Enable SSL, I select the ŠSelectĂ button for the certificate and the system responds with a ˘There are no certificates configured on this server÷, even after I imported three certificates and rebooted my ISA box.
According to the article, I then have to create different certificates for ISA to web server SSL communications. Seems to me this defeats the purpose of the wildcard certificate.
So, I have a couple questions:
1. Does anyone know why IĂm getting the ˘no certificate÷ message when creating the new Web Listener and how to resolve the issue? I've researched this issue to no resolve.
2. Once issue #1 is resolved, what is the procedure for SSL Bridging using a third-party certificate vs. one generated in-house? Or, will I have to use SSL tunneling?
I remember I had the same problem when forgot to choose mark the key as exportable when I tried with trial cert. I just bought wildcard from digicert but I don't know how where I have to send the CSR. Do you able to?