Solved

ISA 2006 - SSL Certificates showing as INVALID, but they are valid.

Posted on 2007-03-22
7
5,081 Views
Last Modified: 2011-08-18
ISA 2006, Have imported valid, external SSL certificates into personal store of ISA server.  When pointing to them in ISA Listner, it is showing the certificate as "INVALID".   But, I have checked the certificate in MMC Certificates, and it is valid.
I have just downloaded a new SSL certificate from RapidSSL, and got the exact same issue.  

Help?
0
Comment
Question by:drakba
7 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 18772552
is it type "server certificate"?
0
 

Author Comment

by:drakba
ID: 18772682
It is a Web SSL cert created from a cert request in the companion IIS server.
0
 
LVL 3

Expert Comment

by:dbacks1000
ID: 18774591
So did you requested the SSL certificate with IIS on your Exchange server?  If not how did you do this?  If you did you will want to install that Cert on the Exchange Server and then export it out and install in on the ISA server.

You may want to download the Root certificate from RapidSSL and install it in your Trusted Root Certificates.
It look like thier Root Certificate is here...
http://www.rapidssl.com/legal/index.htm

Mike
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 3

Accepted Solution

by:
dbacks1000 earned 500 total points
ID: 18774618
I am sorry, you never said Exchange you are just doing an IIS site.  You will want to export the Cert from the IIS site if you have not already done that and not use the one you download from RapidSSL form ISA.  (That has been my experience)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18774637
First question, what are you publishing? Is this a direct connected service such as Sharepoint or a bridged item such as OWA?

If its bridged for owa, can you connect internally to the https://server/exchange url successfully and get a valid cert screen?
0
 

Author Comment

by:drakba
ID: 18779107
Ok, here is the deal.  

I took the certificate sent to me from RapidSSL, and imported it directly in to the ISA server.  That was the problem.  It did not get the private key from the IIS server.

I had to go into the IIS server, and export the cert. to a file (that included the private key), and import it that way into the ISA server, and BINGO, valid cert!
Thank you Dbaks1000!
0
 

Expert Comment

by:AboutToQuit
ID: 30519283
I joined this site to find a solution to this issue.  It was not here.  I'm sure that isn't the case 100% of the time, but thought I'd share what fixed the problem I was having...

You will receive this error if you are using enterprise edition, have an array of servers, and have not imported the certificate to all members of the array.  Until you do, it will show as invalid.

Cheers
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2010 attachment from Visma 1 172
HTTPS vs ISA Server 31 1,955
TMG 2010 Intrusion prevention system issue 6 196
How to block online streaming via TMG2010 ? 2 134
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question