Re: getting confused with OWA and ISA 2006 over SSL
- From: "Alex" <nospam@xxxxxxxxx>
- Date: Thu, 19 Oct 2006 11:14:03 +0100
For anyone who has this issue in the future and has tried just about
everything else then the solution was ...
rather than export the certificate from IIS 6.0 (which gave me no export
options), I exported the certificate from the MMC snap in which then allowed
me to select 'Include all certificates in the certification path if
possible'. I then imported that one onto the ISA 2006 machine into its
personal cert store and trusted root certification authorities store and
then voila it all started working \o/
"Alex" <nospam@xxxxxxxxx> wrote in message
news:uou%23x8p8GHA.3264@xxxxxxxxxxxxxxxxxxxxxxx
All servers are windows 2003. I have an exchange 2003 server as the
backend server but I'm currently playing around trying to connect to an
Exchange 2003 front end server on SSL. I am using ISA 2006.
I've got a (trial) certificate from Verisign for my front end exchange
server and have it installed. internally on my LAN going to
https://exchangeserver/exchange works as expected.
I've exported the certificate from the front end exchange server to a pfx
file and used the mmc snap in on my ISA 2006 server to import it into the
local computer (personal).
I've created a SSL Listener and been able to select the certificate.
I've then used the OWA 2006 wizard to create a new Exchange Publishing
rule for Outlook Web Access selecting the option 'Use SSL to connect to
the published Web server or server farm' so (I think I'm correct) that
it's SSL from the client to the ISA server to the Front end Exchange
server.
Then on a client machine I connect to the https url for web mail and after
providing my outlook username and password for the HTML form the ISA 2006
server gives me it gives me a 'the page cannot be displayed' error;
Error Code: 500 Internal Server Error. The certificate chain was issued by
an authority that is not trusted. (-2146893019)
NB When I first goto my OWA url it comes up with a Security Alert saying
'This security certificate was issued by a company you have not chosen to
trust. View the certificate to determine whether you want to trust the
certifying authority.' but I can view and and chose to install it and this
doesn't help in any way :/
If I try a different approach and create a OWA connection using HTTP and
my SSL listener with the certificate installed (i.e. client to the ISA
2006 server is SSL but the connection from ISA 2006 to the Exchange server
is not) then it appears to work just fine.
Where am I going wrong? Do I even need to go SSL all that way (I want to
be able to enable change passwords in OWA)?
.
- References:
- Prev by Date: Re: about ISA 2006 form authentication
- Next by Date: no valid network listener
- Previous by thread: Re: getting confused with OWA and ISA 2006 over SSL
- Next by thread: Publishing Issue: Error Code: 403 Forbidden
- Index(es):
Relevant Pages
|
Loading
