Sign in with
Sign up | Sign in
Your question

Importing Certificate

Last response: in Windows 2000/NT
Share
October 21, 2004 5:59:20 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi
I have a Stand-Alone root CA and I installed a certificate on my OWA 5.5
server
To keep secure my external connection with OWA, I'm trying to import this
certificate on my ISA 2000 server. After exporting the PKI and Certificate
into a pfx file, I wanted to import it in ISA so I opened the Console root,
loaded the certificate snap-in and imported the pfx file into personal
certificate store, but when I looked on the Trusted Root Certification
Authorities, the CA certificate for my Stand-alone CA doesn't appear ...

Any idea?

More about : importing certificate

October 21, 2004 6:47:03 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi Mike

Okay, finally I could import the certificate on ISA (computer local) and
Microsoft Web Proxy service on ISA. The certificate looks good ... but when
trying to test the url (https:// ...) , the page is not found.

From the Web Publishing Rule on the Bridging tab, I'm trying to select the
SSL web service, but ISA tells me that there is not a certificate installed
on this machine

Any idea?

"Sean" wrote:

> Hi
> I have a Stand-Alone root CA and I installed a certificate on my OWA 5.5
> server
> To keep secure my external connection with OWA, I'm trying to import this
> certificate on my ISA 2000 server. After exporting the PKI and Certificate
> into a pfx file, I wanted to import it in ISA so I opened the Console root,
> loaded the certificate snap-in and imported the pfx file into personal
> certificate store, but when I looked on the Trusted Root Certification
> Authorities, the CA certificate for my Stand-alone CA doesn't appear ...
>
> Any idea?
Anonymous
a b 8 Security
October 22, 2004 3:01:31 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi Sean,

On your CA server Web Interface go to "Download a CA certificate,
certificate change or CRL" On next page select Download CA certificate. Save
it to the file and transfer it to the ISA server (or any client that needs
to trust certificates issued by this CA). Double click the file (.cer file)
and follow the wizard. Default values should be OK and after you are done,
your issued certificate should be trusted by the computer.

I hope this helps,

Mike

"Sean" <Sean@discussions.microsoft.com> wrote in message
news:E8F6F084-F5B6-48A8-B5AA-AB3AEB90A1F4@microsoft.com...
> Hi
> I have a Stand-Alone root CA and I installed a certificate on my OWA 5.5
> server
> To keep secure my external connection with OWA, I'm trying to import this
> certificate on my ISA 2000 server. After exporting the PKI and Certificate
> into a pfx file, I wanted to import it in ISA so I opened the Console
root,
> loaded the certificate snap-in and imported the pfx file into personal
> certificate store, but when I looked on the Trusted Root Certification
> Authorities, the CA certificate for my Stand-alone CA doesn't appear ...
>
> Any idea?
Related resources
Anonymous
a b 8 Security
October 22, 2004 3:55:28 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,

Here is guide than can lead you step by step...

Chapter 2: Configuring ISA Server and Exchange
Jump to step 4: Configure Your Server Architecture and SSL

http://www.microsoft.com/technet/prodtechnol/exchange/g...

Feel free to post back with any additional question. Here is also ISA
NewsGroup if you help with ISA "microsoft.public.isa.configuration"

Mike

"Sean" <Sean@discussions.microsoft.com> wrote in message
news:8B567AA2-21C1-4109-9040-ACA7F505E6EF@microsoft.com...
> Hi Mike
>
> Okay, finally I could import the certificate on ISA (computer local) and
> Microsoft Web Proxy service on ISA. The certificate looks good ... but
when
> trying to test the url (https:// ...) , the page is not found.
>
> From the Web Publishing Rule on the Bridging tab, I'm trying to select the
> SSL web service, but ISA tells me that there is not a certificate
installed
> on this machine
>
> Any idea?
>
> "Sean" wrote:
>
> > Hi
> > I have a Stand-Alone root CA and I installed a certificate on my OWA 5.5
> > server
> > To keep secure my external connection with OWA, I'm trying to import
this
> > certificate on my ISA 2000 server. After exporting the PKI and
Certificate
> > into a pfx file, I wanted to import it in ISA so I opened the Console
root,
> > loaded the certificate snap-in and imported the pfx file into personal
> > certificate store, but when I looked on the Trusted Root Certification
> > Authorities, the CA certificate for my Stand-alone CA doesn't appear ...
> >
> > Any idea?
October 22, 2004 11:59:02 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi Mike

I'm not able to run SSL on ISA yet. When trying to hit
https://server/exchange a "the page cannot be displayed - cannot find server
or DNS error" message comes up.
I remove SSL from my web publishing rule and I'm able to hit
http://server/exchange, so it means that the problem is on SSL.

By the way, internal users can access OWA by HTTPS protocol. It means that
the certificate is working well.

The following are the steps that I've done on ISA and I don't know what else
make ..
1. Export the certificate (YES - Export Private Key / PKCS#12 (pfx) Export
File Format)
2. Import pfx file into ISA (Console Certificates Local Computer \ Personal
Certificate and Trusted Root Certificate \ Console Certificate Web Proxy
Services \ Personal and Trusted Root Certificate
3. Verify the certificate is active in both local computer and Service
Accout - YES
4. Create the Web Publishing Rule (SSL between OWA external client and ISA -
YES
SSL between ISA and OWA webserver - YES)
5. Enabling SSL listeners - YES
6. Configure listeners individually per IP address:
Server: Firewall Name
IP Address: Firewall IP
Authentication: Integrated
Server Certificate: Stand-AlondCA's server name

Any thoughts is welcome ...

Thanks




"Miha Pihler" wrote:

> Hi,
>
> Here is guide than can lead you step by step...
>
> Chapter 2: Configuring ISA Server and Exchange
> Jump to step 4: Configure Your Server Architecture and SSL
>
> http://www.microsoft.com/technet/prodtechnol/exchange/g...
>
> Feel free to post back with any additional question. Here is also ISA
> NewsGroup if you help with ISA "microsoft.public.isa.configuration"
>
> Mike
>
> "Sean" <Sean@discussions.microsoft.com> wrote in message
> news:8B567AA2-21C1-4109-9040-ACA7F505E6EF@microsoft.com...
> > Hi Mike
> >
> > Okay, finally I could import the certificate on ISA (computer local) and
> > Microsoft Web Proxy service on ISA. The certificate looks good ... but
> when
> > trying to test the url (https:// ...) , the page is not found.
> >
> > From the Web Publishing Rule on the Bridging tab, I'm trying to select the
> > SSL web service, but ISA tells me that there is not a certificate
> installed
> > on this machine
> >
> > Any idea?
> >
> > "Sean" wrote:
> >
> > > Hi
> > > I have a Stand-Alone root CA and I installed a certificate on my OWA 5.5
> > > server
> > > To keep secure my external connection with OWA, I'm trying to import
> this
> > > certificate on my ISA 2000 server. After exporting the PKI and
> Certificate
> > > into a pfx file, I wanted to import it in ISA so I opened the Console
> root,
> > > loaded the certificate snap-in and imported the pfx file into personal
> > > certificate store, but when I looked on the Trusted Root Certification
> > > Authorities, the CA certificate for my Stand-alone CA doesn't appear ...
> > >
> > > Any idea?
>
>
>
!