Solved

ISA 2006 SSL

Posted on 2009-04-06
2
641 Views
Last Modified: 2012-05-06
We have an ISA 2006 server sitting in our DMZ, we have a MOSS 2k7 server, a IIS 6.0 server and IIS 7.0 server we have two internet domain names xxx.com.au xxxx.com.au.  These  websites are served from our iis 7.0 box. however there are a number of A records for these two I.e. xx.xxx.com.au xy.xxx.com.au xx.xxxx.com.au and xy.xxxx.com.au these are used in web publishing rules for various web applications from different servers. I.e. Hot Docs / Bugzilla/ among others.

Now for my question: the ISA server is used for all of these, can I secure external traffic whilst keeping http for internal utilising one ssl certificate, my boss wants this because he doesnt want to purchase numerous Verisign Certs to achieve this.(We have to use Verisign for political reasons.)

My thougts are that even if verisign offered a wildcard certificate which it appears they dont, the multiple .com.au's would mean at least two certs would be required.

Please let me know your thoughts.

Regards,

Carl
0
Comment
Question by:carlnys
2 Comments
 

Author Comment

by:carlnys
ID: 24083259
Oops... Missed that one Verisign do wildcard ssl certs, however much of the question remains valid, can you secure communication externally from an ISA box with one generic certificate?

Regards,

Carl
0
 
LVL 17

Accepted Solution

by:
OriNetworks earned 500 total points
ID: 24083716
This is possible with ISA with one certificate. The verisign product you are looking for is called a SAN SSL. Subject Alternative Name SSL http://www.verisign.com/ssl/buy-ssl-certificates/subject-alternative-name-certificates/
You would use this SSL to publish your sites through ISA as normal. There are many guides out there to help you set this up and the ISA wizard is pretty self explanatory.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now