|
 |
 |
 |
 |
 | Membership: |  | Latest:jenisa villarin |  | New Today:12 |  | New Yesterday:10 |  | Overall:23322 |
|
|
|
|
 |
 |
|
 |
|
|
| Mariette Knap | 12893 |
| Marina Roos | 12507 |
| Eriq Neale | 2114 |
| Stan Guinn | 1913 |
| Michael Patrick | 1912 |
| Robert Pearman | 1771 |
| Nick Pieters | 1425 |
| Stewart Brown | 616 |
| william warren | 598 |
| Kevin D. | 579 |
|
|
|
|
|
 |
|
|
Welcome unauthorized visitor
|
|
|
 |
|
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
|
|
|
|
 |
|
|
Small Business Server Support Forum
|
|
|
 |
|
 |
Author |
Messages |
|
 |
Steve Moss 
Telford, U.K.
Member since
8/30/2006
Registered Users
Posts: 112
 |
| 10/30/2007 06:06 PM |
|
SBS 2003 R2 Premium, with ISA 2004.
I am having difficulty getting ISA to see a just-purchased GoDaddy SSL certificate. Here's the rub...
24 hours ago I initated the SSL cert purchasing process at GoDaddy after first creating a certificate request on my SBS (using a temporary IIS web site created for the purpose), saving the csr file in the process. Between having supplied the csr to GoDaddy and them returning the generated certificate (about 12 hours) I had - for completety unrelated reasons - to restore the server from a backup made just prior to starting the certification.
Now, the restore was successful and all is working fine on the SBS, However, the pending certificate request is no longer present on the server (because of the restore), so I cannot complete the GoDaddy certificate import using the "Process the pending request..." action in IIS.
I have tried importing the GoDaddy .crt file directly (and their intermediate certificate) to the computer's Personal certificate store and it is available there. In IIS I can attach the certificate to the Default web Site and companyweb, but in ISA 2004 the certificate is not visible for selection when attempting to add it to the web listener (only the previously generated self-signed certificates are visible).
I also tried to fool IIS into allowing me to complete the certificate import process by creating a new CSR in IIS and then completing te pending request with the GoDaddy certificate. No go, though - IIS seems to know the csr and certificate don't match.
Can anyone advise how I might resolve this issue? TIA.
|
|
|
|
|
|
Stewart Brown
United States
Member since
8/22/2005
Platinum Membership
Posts: 616
|
| 10/30/2007 06:44 PM |
|
Are you trying to get the certificate to work in SBS for your email and remorte access, the standard stuff? I don't get the need for a temporary website.
The way I got my godaddy certificate to work was to request the certificate in IIS, get the certificate from godaddy, then change the extension name on it so CEICW would recognize it and then run CEICW and import it there.
If you have goofed up that process I would restart it - godaddy allows you to re-request the certificate. I think you have to delete it in IIS first.
Also remember to get the certificate in the name you want to access the site by. For instance if your domain is "mydomain.com" and you want to access the site by "www.mydomain.com" then you have to get the certificate in that name and aslo use that name in CEICW. |
|
|
|
|
|
Steve Moss
Telford, U.K.
Member since
8/30/2006
Registered Users
Posts: 112
|
| 10/30/2007 06:54 PM |
|
Yes, the cert is for the standard stuff. I did request the cert in IIS (via a temporary web site set up for just that purpose - this is standard procedure) but, as I say, the need to restore the system prior to installing the cert GoDaddy issued meant that the cert request on the server was lost. SBS is very picky, it seems, to ensure a 3rd party cert can only be installed when there is a matching request in force. It is this request (in IIS) that was lost due to the system restore.
I suspect that the solution, therefore, is to re-request the cert from GoDaddy (I wasn't aware this was possible) and then install it against that request. Thanks for the help.
|
|
|
|
|
|
Steve Moss
Telford, U.K.
Member since
8/30/2006
Registered Users
Posts: 112
|
| 10/30/2007 07:17 PM |
|
Just to confirm, this issue is now resolved. The solution was to start a new certificate request in IIS (with the same details), and then use GoDaddy's re-key facility to re-generate a new certificate. Then, the cert installation procedure in IIS succeeds in matching the (new) certificate with the outstanding request.
The new cert also installs fine in ISA 2004.
|
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.7
|
|
|
|
|
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
- No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
- No Flaming or Trolling.
- No Profanity, Racism, or Prejudice.
- Site Moderators have the final word on approving/removing a thread or post or comment.
|
|
|
|
|
|
|