|
Posted by Brian Komar on July 27, 2006, 2:54 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Answers inline...
ALake@discussions.microsoft.com says...
> I'm running an Enterprise CA on Windows server 2003 (SE) and using the
> certificates to secure OWA on Exhange 2003. I need to export the certificate
> to an ISA 2004 Server that is not part of our domain, but when I try to
> export the private key the option is disabled.
That is correct, the default is to not enable Key export.
>
> I then tried to create my own template (copying the Web Server template) to
> allow export of the private key, but when I try to use the template by
> selecting New-Certificate template to issue on the Certification
> Authority,my template does not appear!
>
> As the ISA server is totally seperate from our network I need to be able to
> export this certificate (and the Root CA as well) but am now stumped as no
> way forward exists - is this because I am using Server 2003 SE instead of
> Adavanced/Datacenter and therefore I'm stuffed?
>
You need EE or DCE to issue certs based on the v2 template. My question to you
is why you
need the *same* cert. This is not the requirement. Log on to the ISA server as
a local
administrator, connect to the http://caname/certsrv WEb site. When prompted for
creds,
provide a user who has read and enroll on the Web Server certificate template.
Then request a Web server certificate (Advanced Request) with the DNS name that
you require.
There has never been a requirement to have the *same* certificate when doing ISA
publishing,
just a certificate with the *DNS NAME* used by the clients to connect.
Brian
| 
XML site map