No announcement yet.

Alternative Web Enrollment page External users can download Site Certificate

  • Filter
  • Time
  • Show
Clear All
new posts

  • Alternative Web Enrollment page External users can download Site Certificate


    I am administering a network that was constructed by an outsourced company. We had a contract and that had ended.
    I have however searched and searched for an answer on various forums but to no avail.

    Unfortunately the CA server had to be rebuilt, and I cannot see how I can create a web page, whereby users will click on a link and it will ask to install a certificate. I'm not talking about the Certificate Web Enrollment, http://<severname>/certsrv as this has various option. I'm taking about a single page that has a certificate tied to it.

    An external user logs on to OWA or our Portal site.
    IE7 says that the certificate is not valid (this is because we issue our own certificate)
    The user clicks on 'Continue to the website'.
    They then have the red bar across the top and they log into the Portal.
    Upon entry to the Portal site, the user has the option to install a certificate 'For first time users please click 'HERE' to install the certificate for this website'
    This is obviously the certificate tied into the web listener on our ISA 2006 server and is a wild card cert.

    However, I am trying to find the web page that will allow external users to first log in and then goto the web page that has a 'Install Certificate' button (just like the internal web enrollments page) and then closes and goes back to the portal site.
    When the user logs in a second time they do not have the error as they have already downloaded the certificate.

    The problem I have at the moment is that the Certificate error occurs and you can view the cert, but it DOES NOT let you install it. That option is greyed out.

    I have seen this page a few years back so I know it exists. Just how do you find it and publish it?

    It is normally refered to as CertInstall instead of CertSrv.

    Forgive me if this is not in the correct Forum but I believe it does fit under general security issues.

    Thank you in advance.