ISA 2006 - SSL Certificates showing as INVALID, but they are valid.

ISA 2006, Have imported valid, external SSL certificates into personal store of ISA server.  When pointing to them in ISA Listner, it is showing the certificate as "INVALID".   But, I have checked the certificate in MMC Certificates, and it is valid.
I have just downloaded a new SSL certificate from RapidSSL, and got the exact same issue.  

Help?
drakbaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

merowingerCommented:
is it type "server certificate"?
0
drakbaAuthor Commented:
It is a Web SSL cert created from a cert request in the companion IIS server.
0
dbacks1000Commented:
So did you requested the SSL certificate with IIS on your Exchange server?  If not how did you do this?  If you did you will want to install that Cert on the Exchange Server and then export it out and install in on the ISA server.

You may want to download the Root certificate from RapidSSL and install it in your Trusted Root Certificates.
It look like thier Root Certificate is here...
http://www.rapidssl.com/legal/index.htm

Mike
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

dbacks1000Commented:
I am sorry, you never said Exchange you are just doing an IIS site.  You will want to export the Cert from the IIS site if you have not already done that and not use the one you download from RapidSSL form ISA.  (That has been my experience)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Keith AlabasterEnterprise ArchitectCommented:
First question, what are you publishing? Is this a direct connected service such as Sharepoint or a bridged item such as OWA?

If its bridged for owa, can you connect internally to the https://server/exchange url successfully and get a valid cert screen?
0
drakbaAuthor Commented:
Ok, here is the deal.  

I took the certificate sent to me from RapidSSL, and imported it directly in to the ISA server.  That was the problem.  It did not get the private key from the IIS server.

I had to go into the IIS server, and export the cert. to a file (that included the private key), and import it that way into the ISA server, and BINGO, valid cert!
Thank you Dbaks1000!
0
AboutToQuitCommented:
I joined this site to find a solution to this issue.  It was not here.  I'm sure that isn't the case 100% of the time, but thought I'd share what fixed the problem I was having...

You will receive this error if you are using enterprise edition, have an array of servers, and have not imported the certificate to all members of the array.  Until you do, it will show as invalid.

Cheers
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.