Solved

Requesting a Godaddy Cert for TMG 2010 web listener

Posted on 2012-03-26
5
1,304 Views
Last Modified: 2012-06-22
Hello,

Here is the bind I'm in.

We have an exchange 2010 server that sits behind a TMG 2010  server.  

The certificate that we were using on the web listener on the TMG server for owa has expired.

I went ahead and bought a GoDaddy UCC certificate.  

I'm trying to figure out the correct way to request this certificate and get it installed on the web listener.  

Any advice would be greatly appreciated.

Thanks,
0
Comment
Question by:staleek
  • 2
  • 2
5 Comments
 
LVL 4

Assisted Solution

by:pwnbasketz
pwnbasketz earned 250 total points
ID: 37767740
To import the certificate:

http://technet.microsoft.com/en-us/library/cc441505.aspx

I'm not sure if there's a specific folder you have to install them in or not, but ours are in the personal certificates folder.

Then to setup the certificate in TMG 2010, find the firewall policy for owa and:

Right click policy for owa
Go to properties
Click on the 'Listener' tab
In the 'Listener' tab click 'Properties...'
Click the 'Certificates' tab
Click 'Select Certificate...'
Select the cert you imported from above and click 'Select'
Click OK until you're out and that should be it
0
 

Author Comment

by:staleek
ID: 37768064
Thanks for the reply pwnbasketz

I agree that will allow me to import it into the TMG Web listener.

My main issues is getting the certificate for importing.  

From what I'm reading I will need to generate a CRS request so to get the certificate from GoDaddy.  

I don't see a way to do that from the TMG server.  I read that people do it from the exchange 2010 certificate wizard.  Then import that certificate into the exchange server.  

If that is the case am I to export the certificate and then import it into the TMG 2010 server for the web listener to use?
0
 
LVL 3

Accepted Solution

by:
cfletch1980 earned 250 total points
ID: 37768336
Yes from within the Exchange management console select Server Configuration(with that selected you will see a option on far right pane to create a new Exchange certificate request).

Once you have the CSR, you can request the certificate from GoDaddy. then you import the new certificate back within exchange and finally on your web listener on TMG that relate to the exchange services you publishing. Hope that helps
0
 
LVL 4

Expert Comment

by:pwnbasketz
ID: 37768341
That sounds right.  That was my fault on that one (i misread the question).  But yes, you should generate the CSR from the exchange server, then complete the pending request and then export the certificate.  From everything I have read up on this, Forefront just needs the final certificate imported so that it can perform the SSL bridging (which enables it to scan the packets as they come in and then forward to the destination).
0
 

Author Closing Comment

by:staleek
ID: 38007755
Sorry for the delay.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now