Announcement

Collapse
No announcement yet.

SSL Certificate

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SSL Certificate

    Dear Sir,

    My client access( OWA, Active Sync) are published using ISA Server 2006 using SSL but self signed certificate. Now am planning to purchase a certificate from any trusted authority, I am using same URL for both OWA and Active Sync ( https://webmail.mydomain.com)

    My doubt: I can generate a certificate request from my IIS6.0 and after getting the certificate from the trusted authority should I have to install certificate on my CAS as well as on ISA? Or only in ISA would be fine? If I have to install in both locations how I can do that? I am using a common Web SSL listener in ISA for OWA and Active Sync. Please guide me admin, awaiting your early reply.

    Thanks and regards

    Shafeer T Cheri

  • #2
    Re: SSL Certificate

    I always use the same certificate on the ISA server as well on the web server both with the private keys.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: SSL Certificate

      Thanks a ton for the reply,

      One more clarification,

      can I use the IIS 6.0 GUI interface to generate certificate request or you recommend powershell? From the Certificate Authority I will receive .cer Certificate as well as .P7b

      which one should I use in the CAS server IIS to process pending request and which one inside ISA server certificate console?

      Do I have to configure anything on the trusted root console? ( since it is trusted authority I believe that I don’t have to)

      Kindly guide me
      Last edited by Sembee; 4th August 2009, 00:10. Reason: Font and Formatting Correction

      Comment


      • #4
        Re: SSL Certificate

        Given that you need more than just a single name for SSL certificates to work correctly in Exchange 2007, what I would do is the certificate request and response on the main Exchange 2007 server. My blog has a guide on how to do that here: http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

        Then export the certificate and import it in to your ISA server.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: SSL Certificate

          Thanks allot sembee, a very helpfull post !

          Comment

          Working...
          X