Solved

ISA 2006 - SSL Certificates showing as INVALID, but they are valid.

Posted on 2007-03-22
7
5,115 Views
Last Modified: 2011-08-18
ISA 2006, Have imported valid, external SSL certificates into personal store of ISA server.  When pointing to them in ISA Listner, it is showing the certificate as "INVALID".   But, I have checked the certificate in MMC Certificates, and it is valid.
I have just downloaded a new SSL certificate from RapidSSL, and got the exact same issue.  

Help?
0
Comment
Question by:drakba
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 18772552
is it type "server certificate"?
0
 

Author Comment

by:drakba
ID: 18772682
It is a Web SSL cert created from a cert request in the companion IIS server.
0
 
LVL 3

Expert Comment

by:dbacks1000
ID: 18774591
So did you requested the SSL certificate with IIS on your Exchange server?  If not how did you do this?  If you did you will want to install that Cert on the Exchange Server and then export it out and install in on the ISA server.

You may want to download the Root certificate from RapidSSL and install it in your Trusted Root Certificates.
It look like thier Root Certificate is here...
http://www.rapidssl.com/legal/index.htm

Mike
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Accepted Solution

by:
dbacks1000 earned 500 total points
ID: 18774618
I am sorry, you never said Exchange you are just doing an IIS site.  You will want to export the Cert from the IIS site if you have not already done that and not use the one you download from RapidSSL form ISA.  (That has been my experience)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18774637
First question, what are you publishing? Is this a direct connected service such as Sharepoint or a bridged item such as OWA?

If its bridged for owa, can you connect internally to the https://server/exchange url successfully and get a valid cert screen?
0
 

Author Comment

by:drakba
ID: 18779107
Ok, here is the deal.  

I took the certificate sent to me from RapidSSL, and imported it directly in to the ISA server.  That was the problem.  It did not get the private key from the IIS server.

I had to go into the IIS server, and export the cert. to a file (that included the private key), and import it that way into the ISA server, and BINGO, valid cert!
Thank you Dbaks1000!
0
 

Expert Comment

by:AboutToQuit
ID: 30519283
I joined this site to find a solution to this issue.  It was not here.  I'm sure that isn't the case 100% of the time, but thought I'd share what fixed the problem I was having...

You will receive this error if you are using enterprise edition, have an array of servers, and have not imported the certificate to all members of the array.  Until you do, it will show as invalid.

Cheers
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question