Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
microsoft.public.windows.server.sbs
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Message from discussion Remote Web Workplace error
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Ray Fong [MSFT]  
View profile  
 More options Dec 9 2003, 11:27 pm
Newsgroups: microsoft.public.windows.server.sbs
From: rayf...@online.microsoft.com (Ray Fong [MSFT])
Date: Wed, 10 Dec 2003 04:25:22 GMT
Local: Tues, Dec 9 2003 11:25 pm
Subject: Re: Remote Web Workplace error
Print | View thread | Show original | Report this message | Find messages by this author
Default's website's cert should be "Publishing.domain.local" and the ISA's
Incoming Web Request's cert name should be called "xxx.dyndns.biz". CEICW
should take care this for you, unless you manually edit the the cert
settings.

Basically, all the SSL request will be descrpt by ISA's xxx.dnydns.bis
incoming web request, then ISA will reencrypt the traffic and send to
"Publishing.domain.local". That's why the publishing rules created by SBS
in ISA is redirected to "Publishing.domain.local" located in your IIS.

Ray Fong
Microsoft SBS Product Support

This posting is provided "AS IS" with no warranties, and confers no rights.

-

>"Ray Fong [MSFT]" <rayf...@online.microsoft.com> wrote in message
>news:uUufv4#uDHA.3632@cpmsftngxa07.phx.gbl...
>> Did you manually create and install the cert? Or you let CEICW to do it?

>I think I did it with CEICW, but I might have re-done it manually (either
>the creation or the installation) when I found things not working.

>> At the server, can you https://servename/remote, and
>> https://servername:444? If there is any error, please write the exact
>error
>> down. (Note: You may receive an IE warning but it is OK.)

>Both of these work fine-- no error messages.

>> Check IIS, is the Default Website's cert name called
>> "Publishing.domain.local" and the ISA's Incoming Web Request's cert name
>> called "xxx.domain.com"?

>The Default web site's cert name is xxx.dyndns.biz (this is a dynamic DNS
>host name and what we'll be using to access the server remotely). ISA's
>Incoming Web request cert name is also xxx.dyndns.biz.

>This isn't a big deal right now; the two principals can be set to use VPN
>from home, after which everything else will work really great. Sooner or
>later, though, I fear we'll get the "Internet kiosk" question, so I want to
>be prepared.

>> >When I enter https://xxx.domain.com/Remote into my browser from outside
>the
>> >LAN I get

>> >500 Internal Server Error - The certificate chain was issued by an
>> authority
>> >that is not trusted. (-2146893019)
>> >Internet Security and Acceleration Server.

>> >I created and installed a certificate that matches the external FQDN.
The
>> >companyweb page works at https://xxx.domain.com:444. Any clues?


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google