Re: MS: David Cross

From: John McCoy (itsme109@hotmail.com)
Date: 11/30/02 

From: "John McCoy" <itsme109@hotmail.com>
Date: Fri, 29 Nov 2002 22:35:37 -0500

I never said it was easy to set up. Essentially one has to add a certificate
to ISA, I forget which one, maybe my web certificate. There are several
steps, the bottom line is we have been able to publish the crl using ISA200
and it does work.

I had to create a virtual server which had the directory the crl was in and
publish that using ISA2000. 

--
John McCoy
"S. Pidgorny [MVP]" <slavickp@yahoo.com> wrote in message
news:ODhgnTAmCHA.1216@tkmsftngp02...
> Yes, that works fine, but in the following scenario:
>
> * ISA Server is publishing an internal Web site
> * ISA Server uses certificate authentication for Internet access to the
> published site
>
> - under such circumstances, ISA Server itself has to check CRL. Here we
have
> a problem.
>
> Your setup involves the same components but isn't the above, is it?
>
>
> --
> Svyatoslav Pidgorny, MS MVP, MCSE
> -= F1 is the key =-
>
> "John McCoy" <itsme109@hotmail.com> wrote in message
> news:uuf5jddtc8ri56@corp.supernews.com...
> > Hi, I have set up in my internal lab to use the CA to issue the certs
and
> it
> > is checking the crl. We came across a better way and that is a sub
> > standalone for external certs. These are both behind an ISA 2000 box,
the
> > trick is to publish the crl list and create a virtual directory on the
> cert
> > box. It is pretty cool really.
> >
> > These are all internally issued, the whole idea is for healthcare office
> to
> > be able to use digitally signed email so we have been testing and trying
> to
> > get a handle on the entire process. MS has been great, David Cross in
> > particular in helping me understand the process.
> >
> > --
> > John McCoy
>
>
>

Relevant Pages

  • Re: Adding EXCH2007 SP1 box to existing EXCH2003 SP2 Org
    ... Certificates - going to be using a SAN Certificate like I have many times before. ... as mentioned - ISA was not involved in any of those eight environments.... ... My thought process is that we install EXCH2007 SP1 into the existing EXCH2003 org, move all of the mailboxes from EXCH2003 to EXCH2007, install the SAN Cert on the EXCH2007 box, move everything over to the EXCH2007 box and away we go. ... Also, your public certificate needs only the SANs that are specifically addressed from the Internet, which would likely be limited to mail.mydomain.com, mobile.mydomain.com and synch.mydomain.com, and that's quite a bit simpler to submit to your authority. ...
    (microsoft.public.exchange.admin)
  • Re: SharePoint 3.0: problems with external access
    ... Here are the steps to publish a WSS 3.0 application behind ISA Server. ... port 80, and the host header is 'Intranet'. ... Run the wizard to create a new SSL certificate for the site. ... the site from the Internet. ...
    (microsoft.public.windows.server.sbs)
  • Re: SharePoint 3.0: problems with external access
    ... Here are the steps to publish a WSS 3.0 application behind ISA Server. ... port 80, and the host header is 'Intranet'. ... Run the wizard to create a new SSL certificate for the site. ... the site from the Internet. ...
    (microsoft.public.windows.server.sbs)
  • Re: Proxy
    ... You can very definitely have an external certificate on your ISA 2006 server and an internal certificate on your CAS servers and have everything work perfectly. ... domain name also exists on the internet and i cannot include my exhange's ...
    (microsoft.public.exchange.admin)
  • Re: Can I use a 3rd-party Certificate for RWW, OWA, etc?
    ... about ISA server. ... The certificate did not relate to hardware firewall, so you did not need to ... This newsgroup only focuses on SBS technical issues. ... |> want to use ISA publish the website to internet. ...
    (microsoft.public.windows.server.sbs)