Re: SSL Certificate for three servers



Hi Jon!

First of all let me start by saying that I haven't done this, I'm just
trying to give you some insight from my experience with SSL certificates and
ISA.

My 3 comments/suggestions->

1) You don't need multiple certificates for each machine (as long as the
FQDN is the same). The SSL cert goes on ISA and it communicates with the
other servers via HTTP or SSL (I believe the correct term is "SSL
bridging").

2) I believe ISA2004 has serious improvements on this specific area. So, you
might want to look at that too.

3) If I were you I would check out www.isaserver.org for info on how to do
this. This is definitely not a traditional SBS setup, so probably the SBS
wizards can mess it up. I would also ask on the ISA NGs for advice.

--
Javier [SBS MVP]
www.msmvps.com/javier
<< SBS ROCKS!!! >>

"Jon Eden" <Jon Eden@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2111302-C226-40B3-B9B2-2937508AE803@xxxxxxxxxxxxxxxx
> Hi All,
>
> I have SBS 2003 premium (haven't installed SP1/ISA2004 yet). I have two
> other Win2003 servers in the network behind the SBS ISA firewall.
>
> All three servers have websites eg:
> SBS - www.mycompany.co.uk/Exchange for OWA etc
> WIN2003#1 - www.mycompany.co.uk/ClientExtranets for client extranets
> WIN2003#2 - www.mycompany.co.uk/DevExtranets for the development of the
> client extranets
>
> Currently these are all running with Web Publishing Rules in ISA so that
> certain files and folders go to certain servers - all basic and standard
> stuff I'm sure.
>
> Up until now I have been using a self signed SSL cert for securing the OWA
> traffic and that has worked fine (the Win2003 servers haven't needed to use
> SSL as yet). Now that I need to get a trusted SSL certificate for all three
> servers I'm hitting a wall.
>
> I was told by the SSL cert company that I'd need three licences on the
> single certificate (one licence for each server). Stupidly I assumed that
> this was going to be very easy so went ahead and purchased the certificate.
>
> Now, after numerous problems "principle name incorrect", "proxy chain loop"
> (using www.mycompany.co.uk with IP in HOSTS) etc, I have acknowledged defeat
> and redone the CEICW wizard to get OWA working again.
>
> Does anyone know how to do what I am trying to do and have a step by step
> guide on it? Or does ISA Server 2004 give me the solution? Or will I have
> to redo the network structure to do it (yes I know about the security issue
> with Web servers behind the firewall)?
>
> Many thanks for any help!
>
> Regards,
>
> Jon

