Solved

Publishing a site that uses http and https

Posted on 2010-11-30
5
662 Views
Last Modified: 2012-06-27
We have a site sitting behind TMG thats http and we're adding https becuase of a store.

We purchased Netsol's NSprotect secure (extended valiation) cert from network solutions and I have the cert installed on the website. I'm not sure what cert to install on the TMG box so I can enable https on the web listener to allow https://www.ourwebsite.com.

Thanks
0
Comment
Question by:matt_helm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 6

Accepted Solution

by:
malkaj01 earned 500 total points
ID: 34239326
It actually depends on who will handle the SSL encryption overload.

You have two options:

1) Install the cert on your web server and foward HTTPS traffic from TMG.

2) Install the cert on your TMG and relay it to your web server.
0
 

Author Comment

by:matt_helm
ID: 34239384
I figured out the fowarding HTTPS traffic to the IIS server and got it to work.

I just didn't know if this was the correct way. When you go to enable https on the web listener it won't let you unless you have a cert installed.

So.. thats why i'm a bit confused.

Thanks
0
 

Author Comment

by:matt_helm
ID: 34240360
Can you explain how to relay the cert to my server if i install it on TMG? Apparantly we're having issues with Webdav running like crap now.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34241599
If you dont want to install the certificate on the TMG, then try to purplish the server as non-web server ( non-web server publish rule) using the https protocol.
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 34242936
well you could try installing the certificate to the tmg and publish the website through the ssl listener as a website.

the connection would be ssl secure from the outside client to the tmg. but not from tmg to the webserver.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question