Solved

ISA 2006 SSL

Posted on 2009-04-06
2
642 Views
Last Modified: 2012-05-06
We have an ISA 2006 server sitting in our DMZ, we have a MOSS 2k7 server, a IIS 6.0 server and IIS 7.0 server we have two internet domain names xxx.com.au xxxx.com.au.  These  websites are served from our iis 7.0 box. however there are a number of A records for these two I.e. xx.xxx.com.au xy.xxx.com.au xx.xxxx.com.au and xy.xxxx.com.au these are used in web publishing rules for various web applications from different servers. I.e. Hot Docs / Bugzilla/ among others.

Now for my question: the ISA server is used for all of these, can I secure external traffic whilst keeping http for internal utilising one ssl certificate, my boss wants this because he doesnt want to purchase numerous Verisign Certs to achieve this.(We have to use Verisign for political reasons.)

My thougts are that even if verisign offered a wildcard certificate which it appears they dont, the multiple .com.au's would mean at least two certs would be required.

Please let me know your thoughts.

Regards,

Carl
0
Comment
Question by:carlnys
2 Comments
 

Author Comment

by:carlnys
ID: 24083259
Oops... Missed that one Verisign do wildcard ssl certs, however much of the question remains valid, can you secure communication externally from an ISA box with one generic certificate?

Regards,

Carl
0
 
LVL 17

Accepted Solution

by:
OriNetworks earned 500 total points
ID: 24083716
This is possible with ISA with one certificate. The verisign product you are looking for is called a SAN SSL. Subject Alternative Name SSL http://www.verisign.com/ssl/buy-ssl-certificates/subject-alternative-name-certificates/
You would use this SSL to publish your sites through ISA as normal. There are many guides out there to help you set this up and the ISA wizard is pretty self explanatory.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question