Re: SSL Certificate for three servers
- From: "Jon Eden" <Jon Eden@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 7 Jun 2005 23:56:02 -0700
Hi Javier,
Thanks for that. You were right it is SSL Bridging, I've been playing with
it and using the ISA server site for reference so unfortunatly nothing new
there :(
It's good to hear that ISA 2004 will improve on things - I just hope it
improves all the way!
Cheers,
Jon
"Javier Gomez [SBS MVP]" wrote:
> Hi Jon!
>
> First of all let me start by saying that I haven't done this, I'm just
> trying to give you some insight from my experience with SSL certificates and
> ISA.
>
> My 3 comments/suggestions->
>
> 1) You don't need multiple certificates for each machine (as long as the
> fqdn is the same). The SSL cert goes on ISA and it comunicates with the
> other servers via HTTP or SSL (I believe the correct term is "SSL
> bridging").
>
> 2) I believe ISA2004 has serious improvements on this specific area. So, you
> might want to look at that too.
>
> 3) If I were you I would check out www.isaserver.org for info on how to do
> this. This is definitely not a traditional SBS setup, so probably the SBS
> wizards can mess it up. I would also ask on the ISA NGs for advice.
>
> --
> Javier [SBS MVP]
> www.msmvps.com/javier
> << SBS ROCKS!!! >>
>
> "Jon Eden" <Jon Eden@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:A2111302-C226-40B3-B9B2-2937508AE803@xxxxxxxxxxxxxxxx
> > Hi All,
> >
> > I have SBS 2003 premium (haven't installed SP1/ISA2004 yet). I have two
> > other Win2003 servers in the network behind the SBS ISA firewall.
> >
> > All three servers have websites eg:
> > SBS - www.mycompany.co.uk/Exchange for OWA etc
> > WIN2003#1 - www.mycompany.co.uk/ClientExtranets for client extranets
> > WIN2003#2 - www.mycompany.co.uk/DevExtranets for the development of the
> > client extranets
> >
> > Currently these are all running with Web Publishing Rules in ISA so that
> > certain files and folders go to certain servers - all basic and standard
> > stuff I'm sure.
> >
> > Up until now I have been using a self signed SSL cert for securing the OWA
> > traffic and that has worked fine (the Win2003 servers haven't needed to
> > use
> > SSL as yet). Now that I need to get a trusted SSL certificate for all
> > three
> > servers I'm hitting a wall.
> >
> > I was told by the SSL cert company that I'd need three licences on the
> > single certificate (one licence for each server). Stupidly I assumed that
> > this was going to be very easy so went ahead and purchased the
> > certificate.
> >
> > Now, after numerous problems "principle name incorrect", "proxy chain
> > loop"
> > (using www.mycompany.co.uk with IP in HOSTS) etc, I have acknowledged
> > defeat
> > and redone the CICEW wizard to get OWA working again.
> >
> > Does anyone know how to do what I am trying to do and have a step by step
> > guide on it? Or does ISA Server 2004 give me the solution? Or will I
> > have
> > to redo the network structure to do it (yes I know about the security
> > issue
> > with Web servers behind the firewall)?
> >
> > Many thanks for any help!
> >
> > Regards,
> >
> > Jon
>
>
>
.
- Follow-Ups:
- Re: SSL Certificate for three servers
- From: Jerry zhao (MSFT)
- Re: SSL Certificate for three servers
- References:
- SSL Certificate for three servers
- From: Jon Eden
- Re: SSL Certificate for three servers
- From: Javier Gomez [SBS MVP]
- SSL Certificate for three servers
- Prev by Date: Re: Microsoft Antispam
- Next by Date: Re: Microsoft Antispam
- Previous by thread: Re: SSL Certificate for three servers
- Next by thread: Re: SSL Certificate for three servers
- Index(es):
Relevant Pages
|
Loading
