02-01-2012 07:12 AM
Hi,
i am using Enterprise Vault 9 and Exchange 2010, i have configured pulishing rule for both in ISA 2006 but EV test is not passed as my EV is configered for HTTPS (443) port pleas help me out snap shot is attached it seems to like a certifacte issue if yes then what should i have to do
Solved! Go to Solution.
02-01-2012 12:58 PM
Are you sure you know what you are doing ?
This may conflict with configured settings in EV ?
Why don't you import the root certificate of the Root Authority into ISA ?
02-01-2012 08:08 AM
Select the https://evserver................. line and in the bottom screen some more details will be shown.
Do you even have enterprise vault configured on HTTPS (443) ? And is the certificate trusted on the ISA server ?
02-01-2012 08:29 AM
snapshot is attached for detailed vew of error.
i am trying to publish my evserver and i have installed all my certificates in ISA sserver but still no sucsess please help me out to complete my task.
02-01-2012 08:54 AM
Reboot of ISA may help. Sometimes it takes a reboot before certificates are trusted.
02-01-2012 08:56 AM
Just a matter of interest, why have you set your EV server to use 443? Is there a specific reason why you are using 443 when you are publishing it through ISA? Anyways, the error you are getting is because there is a problem with your SSL certificate. It's probably does not contain all the details required i.e. Alternative Sub Names etc. are you using the same cert as you are using on teh ISA server? does the certificate contain all the details required?
02-01-2012 08:58 AM
When you setup the EV Server publishing rule in ISA don't use 443 but use 80. Connection between ISA server and EV server should be 80 because it's internal. If the ISA in on the DMZ then you should IPSec tunnel between your ISA and EV server and also if it's on a public network, otherwise you should use 80 as standard.
If you are using 443 on the EV server then ensure that the SSL certificate is correctly installed and configured.
Hope that helps.
02-01-2012 10:21 AM
i have installed same certificate on ISA and EV server, actually this is the company policy to use 443 and i recently join them the person me installed it with SSL so might be certificate i am ussing on ISA is not currect then any one can tell me how can i check EV Certificate on EV server or how can i export it and then import to ISA ???
02-01-2012 10:33 AM
Check here how to export the certificate from IIS (on the EV server) and import it on ISA:
02-01-2012 10:45 AM
Also which EV client version do you intend to use?
02-01-2012 11:17 AM
i exported the certificate and install on ISA but still same
02-01-2012 11:29 AM
Like I said above, sometimes ISA server needs to be restarted before certificate is trusted !
Also make sure the root certificate is added to the Trusted Root Certification Authorities in the ISA server.
02-01-2012 11:49 AM
Can any one tell me the steps to change port from https to http please i need to do this other wise i will lose my job please help me required complete steps to change port
02-01-2012 12:02 PM
Use the option: "use non-secured connections to connect to the published web server or server farm" in your rule. See:
http://www.symantec.com/business/support/index?page=content&id=TECH61472
02-01-2012 12:34 PM
The error says the certificate chain is not trusted.You likely need to install the root and intermediate certificate on the ISA to support the certificate. Rebooting the ISA as suggested is also a good idea when changing certificates.
02-01-2012 12:54 PM
EV Site is configured for 443 so i think first i have to change its too 80 so tell me that procedure
02-01-2012 12:58 PM
Are you sure you know what you are doing ?
This may conflict with configured settings in EV ?
Why don't you import the root certificate of the Root Authority into ISA ?
02-01-2012 01:01 PM
Which EV client version are you intending to use?
02-01-2012 01:28 PM
Sir i am completly stuck in this certificate issue which certificate i have to import to ISA Server, one more thing i am using Mail Server "Listener" in EV Publishing do i need to use onther listner that have EV SSL Certicate in the Listner tab???
02-02-2012 12:14 AM
The second picture has nothing to do with the mail server Listener.
What you have to do, is browse (with IE) to the page: https://evserver.mtngh.root.net
Make sure IE trusts the whole path, if not, see the link below how to add it:
02-02-2012 01:52 AM
I hope you understand the the full impact when you change EV server to use 443 (both on the EV site properties settings and IIS). Is this an existing EV environment that has been around for a while now?
I would strongly recommend you seek an EV specialist consultancy company in order to help you with the setting up of your EV configurations via ISA to use 443 etc. Contact your local Symantec Partners for more details.