Before starting the certificate enrollment process, it is important to add the certificate
server to the trusted Internet security zone of the web browser on the ISA server. In addition,
there must not be any rules set up on the ISA server that block access from the local
host to the web server with the CA installed on it.
The following process can be used to request a certificate for the ISA server. This can be
performed from the system that will have the certificate installed on it, but that is not a
requirement. If this is performed on a different system, after the certificates have been
created, they need to be exported and then imported to the correct system.
NOTE
For this process to work properly, the certificate web enrollment server must be accessible
via ISA??™s system policy rules, which normally restrict the ISA server??™s capability to
read web pages on servers. For more information on the system policy, refer to Chapter
5, ???Deploying ISA Server 2006 as a Firewall.???
The following procedure can be used to create the initial certificate request:
1. From the ISA server, open Internet Explorer, and browse to the certificate web enrollment
page.
Pages:
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447