Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

How to Use a Certificate for SSL Authentication Within a Web Publishing Rule


View products that this article applies to.

Summary

This article describes how to set up Internet Security and Acceleration (ISA) Server 2000 to publish a Web site that requires clients to use certificates for authentication. This is required for Web sites that use certificate-based authentication as the only means of making Secure Sockets Layer connections.

Before you can specify a certificate in the Web Publishing Rule in ISA Server, you must first set up the certificate to be used by the Microsoft Web Proxy service on the ISA server.

↑ Back to the top


More information

To set up the certificate to be used by the Web Proxy service:
  1. Set up access to all certificates that have been set up for the Microsoft Web Proxy Service:
    1. Click Start, click Run, type mmc, and then click OK.
    2. Add the Certificates Snap-in.
    3. Click Service Account, and then click local computer.
    4. Click Microsoft Web Proxy service in the drop-down list.
    5. Click Finish, and then click OK until you are back in the Microsoft Management Console (MMC).
  2. Install the certificate to be used by ISA to connect to the restricted Web site. Use either of the two following methods to load this certificate (either way, you must place the certificate in the W3Proxy\Personal/Certificates folder):
    1. Import a certificate from a file by right-clicking the W3Proxy\Personal folder, clicking All Tasks, and then clicking Import; this starts the Import wizard with which you can select your previously exported certificate file.
    2. Copy a previously loaded certificate file from its present location on the ISA server and then paste that certificate into the "W3Proxy\Personal"/Certificates folder. By doing this, you can use the certificate in two locations at once, such as "local computer" or "user" certificates.
  3. Close the Certificates MMC snap-in, and then open the ISA management console.
  4. Open the properties for the Web Publishing Rule to use Certificate Authentication.
  5. On the Bridging tab, select the Use a certificate to authenticate to the SSL Web server check box, and then click Select.
  6. The Select Certificate windows appears with a list of all of the certificates that are assigned to the Microsoft Web Proxy service. If you assign multiple certificates to the Microsoft Web Proxy service, you can assign a certificate per Web Publishing Rule.

↑ Back to the top


Keywords: KB281106, kbhowto, kbenv

↑ Back to the top

Article Info
Article ID : 281106
Revision : 4
Created on : 1/15/2006
Published on : 1/15/2006
Exists online : False
Views : 417