Details of earlier certificate installed on ISA box for b2b.rpgdt.

com
Issuer: CN = Trusted Secure Certificate Authority O = Trusted Secure Certificate Authority C = US Valid from: Thursday, April 30, 2009 8:00:00 PM Valid to: Saturday, May 01, 2010 7:59:59 PM Subject: CN = b2b.rpgdt.com OU = Enterprise SSL OU = Provided by Reynolds Foil, Inc OU = ReynoldsPkg.com O = Reynolds Foil Inc. STREET = 6641 West Broad Street L = Richmond S = Virginia PostalCode = 23230 C = US Subject Alternative name: DNS Name=b2b.rpgdt.com DNS Name=www.b2b.rpgdt.com

Creating the CSR

You cannot create CSR requests from ISA server. In order to create a CSR, you will need to go to a server that is running (IIS or Exchange) and use the certificate request wizard to do so. Submit the CSR to the certificate vendor, and once it is issued import it into the (IIS server or Exchange) that generated the request. At 1. 2. 3. this point, you will need to export the certificate with the private key. To do so, Run mmc on the command prompt of the IIS server Go to file options and add the Certificates snap-in there. Select the Computer account as the certificate management, and then select the Local computer. 4. Expand the Personal hive and find the certificate that you imported as part of the IIS certificate request (Figure 2). Find the certificate and right click on it. Under the All Tasks, select Export.

Figure 2 When the wizard comes up, select Yes, export the private key (Error! Reference source not found.), then click Next to continue.

Figure 3 On the next screen, you will need to make sure that Enable strong protection (Figure 4) is the only option selected and then click Next to continue. You will be prompted to put in a password. You can use any password, but will need to remember what it is when you go to import the certificate on the ISA server. Once you enter in the password, click Next. On the last screen, you will be asked if you want to save the file. Save it to the shared folder or anywhere, so that ISA server gets access to the certificate along with the private key.

The easiest way to do this is to enable the strong protection but you will need Disk Drive sharing from within the RDP client.

Figure 4

Installing CERT on ISA Server Remote control the ISA server and ensure that sharing local resources (Disk Drives) options is selected. This is important as you will not be able to directly connect to the ISA servers shared resources. Once you are connected to the ISA server, you will need to import the certificate into the servers certificate store. To do this, run mmc and add the Certificates add-in. Select the Computer account option, and then select the Local computer option. Expand the Personal, then Certificates hive and select Import. (Figure 5)

Figure 5 In the Import Wizard, select the certificate file that you saved previously and then click Next. You will be prompted to enter in the password that you used during the export process. Enter this password and then make sure that the Mark this key as exportable is not checked, then click Next. On the Certificate Store screen, make sure that the bullet for Place all certificates in the following store is selected, and that the certificates store says Personal (Figure 6). Click Next, and then Finish to import the certificate.

If successful, the certificate should now be displayed in the list with the other certificates that have been imported into the store, as well as be available from within ISA as a selectable certificate you can bind to an IP address.