Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Requesting a Godaddy Cert for TMG 2010 web listener

Posted on 2012-03-26
5
Medium Priority
?
1,356 Views
Last Modified: 2012-06-22
Hello,

Here is the bind I'm in.

We have an exchange 2010 server that sits behind a TMG 2010  server.  

The certificate that we were using on the web listener on the TMG server for owa has expired.

I went ahead and bought a GoDaddy UCC certificate.  

I'm trying to figure out the correct way to request this certificate and get it installed on the web listener.  

Any advice would be greatly appreciated.

Thanks,
0
Comment
Question by:staleek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Assisted Solution

by:pwnbasketz
pwnbasketz earned 1000 total points
ID: 37767740
To import the certificate:

http://technet.microsoft.com/en-us/library/cc441505.aspx

I'm not sure if there's a specific folder you have to install them in or not, but ours are in the personal certificates folder.

Then to setup the certificate in TMG 2010, find the firewall policy for owa and:

Right click policy for owa
Go to properties
Click on the 'Listener' tab
In the 'Listener' tab click 'Properties...'
Click the 'Certificates' tab
Click 'Select Certificate...'
Select the cert you imported from above and click 'Select'
Click OK until you're out and that should be it
0
 

Author Comment

by:staleek
ID: 37768064
Thanks for the reply pwnbasketz

I agree that will allow me to import it into the TMG Web listener.

My main issues is getting the certificate for importing.  

From what I'm reading I will need to generate a CRS request so to get the certificate from GoDaddy.  

I don't see a way to do that from the TMG server.  I read that people do it from the exchange 2010 certificate wizard.  Then import that certificate into the exchange server.  

If that is the case am I to export the certificate and then import it into the TMG 2010 server for the web listener to use?
0
 
LVL 3

Accepted Solution

by:
cfletch1980 earned 1000 total points
ID: 37768336
Yes from within the Exchange management console select Server Configuration(with that selected you will see a option on far right pane to create a new Exchange certificate request).

Once you have the CSR, you can request the certificate from GoDaddy. then you import the new certificate back within exchange and finally on your web listener on TMG that relate to the exchange services you publishing. Hope that helps
0
 
LVL 4

Expert Comment

by:pwnbasketz
ID: 37768341
That sounds right.  That was my fault on that one (i misread the question).  But yes, you should generate the CSR from the exchange server, then complete the pending request and then export the certificate.  From everything I have read up on this, Forefront just needs the final certificate imported so that it can perform the SSL bridging (which enables it to scan the packets as they come in and then forward to the destination).
0
 

Author Closing Comment

by:staleek
ID: 38007755
Sorry for the delay.
0

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question