Re: Problems with SSL Cert

The problem is when a user attempts to connect remotely (over the Internet).
If, after receiving the error message, they continue on to the site they can
choose to "view certificate". From here there's an option to download
certificate with an option to let it automatically decide the location to
install or select it yourself.

My understanding was this process would install the certificate so that the
error would go away. It does not.

I'm not real interested in having to provide a file to every user for every
computer they want to access OWA through.

"PL" wrote:

I've attempted to install the certificate to every possible store
including
Trusted Root Cert Auth; Ent Trust; Trusted Publishers; etc and cannot
get past the message.

Which certificate you have tried? You need to install the certificate of
the Root CA, not the IIS.

Connect to your CA web (http://yourcaserver/certsrv) interface and select
the link "Download a CA certificate, certificate chain, or CRL" followed by
"install this CA certificate chain". If you can't access your CA web
interface in you client location, you need to download and save the CA
certificate chain to a file and install it on the client computer.


PL





The SSL Cert being used for OWA expired - the Cert that was being used had
been issued by a company I'd never heard of. So I backed it up then
removed
it.

I went through the IIS process to request a new Cert. Our CA server kept
having errors when attempting to use the web interface. By choosing "Send
request immediately to an online . . . " and selecting my CA server I was
able to generate and apply a certificate. The new certificate appears
fine
and we no longer receive the Expired warning.

However - Users outside the network now received a warning that the
certificate was not issued by a trusted authority. IE7 makes users think
the
world is going to die if they attempt to continue.

I've attempted to install the certificate to every possible store
including
Trusted Root Cert Auth; Ent Trust; Trusted Publishers; etc and cannot get
past the message.

Help!

Note: when inside the network I connect https without any issues - this
only
exists outside.



.

Relevant Pages

  • Re: Windows Update repeats
    ... You cannot install some updates or programs ... to a Windows component, install a service pack for Windows or for a Windows ... The Microsoft digital signature affirms that software has been tested with ... Publishers certificate store. ...
    (microsoft.public.windowsupdate)
  • RE: updates after format
    ... if the Microsoft Server is down. ... software you are installing has not passed Windows Logo testing verify its ... When you try to download an ActiveX control, install an update to Windows ... and you do not have the appropriate certificate in your Trusted Publishers ...
    (microsoft.public.windows.mediacenter)
  • Re: ?Expired Security Certif for MS Update
    ... MBSA should run fine on a new install. ... faith in the downloads I have, that used the expired certificate to get ... At the risk of sounding like an alien abductee, this security invasion ... Microsoft and signed by a CA that your computer trusts I would not worry ...
    (microsoft.public.windowsxp.security_admin)
  • RE: CA and Windows mobile 5.0
    ... certificate or Third party certificate? ... How did you install CA on your mobile device? ... If your Windows SBS Server is running ISA Server, ...
    (microsoft.public.windows.server.sbs)
  • RE: MObile 5 Configuration - Exchange 2003 SP2
    ... I was hoping I could use the SBS Wizards for setting up activesync on the ... I was hoping I could install the SBS certificate by going to the remote web ... - can you do this in Ie mobile ...
    (microsoft.public.windows.server.sbs)