logo

Weblistener w/SSL Client Cert. Auth. and Outlook Anywhere
BWol posted on Sunday, October 05, 2008 4:40 PM

 
Hello folks,

I have configures a Weblistener with SSL Client Cert. Auth. in ISA 2006. For
OWA and ActiveSync it works perfect with kerberos constrained delegation in
the publishing rule.

For Outlook Anywhere I use the same weblistener (just one official ip). The
publishing rule is configured to ask client for authentication. The problem
is that there comes no dialogue for certificate authtication at the client.
Just the dialogue for user and password...  Don't know whats going wrong...
The client tries to connect but it doesn't work.

In advance thanks.

Kind reagrds,
B. Wolf
reply


You can't do this.Outlook doesn't support certificate auth.
Jim Harrison \(ISA SE\) posted on Sunday, October 05, 2008 4:56 PM

 
You can't do this.
Outlook doesn't support certificate auth.
You can have HTTP-Basic or HTTP-NTLM and that's all.

--
Jim Harrison (ISA SE)

This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html



Hello folks,

I have configures a Weblistener with SSL Client Cert. Auth. in ISA 2006. For
OWA and ActiveSync it works perfect with kerberos constrained delegation in
the publishing rule.

For Outlook Anywhere I use the same weblistener (just one official ip). The
publishing rule is configured to ask client for authentication. The problem
is that there comes no dialogue for certificate authtication at the client.
Just the dialogue for user and password...  Don't know whats going wrong...
The client tries to connect but it doesn't work.

In advance thanks.

Kind reagrds,
B. Wolf
reply

Ok....How to configure this with one official IP?
BWol posted on Monday, October 06, 2008 2:24 AM

 
Ok....

How to configure this with one official IP? For ActiveSync I need the client
certificate authentication.

Thanks.
Regards,
B. Wolf
reply

You can't have certificate authentication and simultaneously serve Outlook
Jim Harrison \(ISA SE\) posted on Monday, October 06, 2008 9:27 AM

 
You can't have certificate authentication and simultaneously serve Outlook
Anywhere clients.
You must either:
1. add an IP and build a separate listener
2. drop certificate authentication

--
Jim Harrison (ISA SE)

This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html



Ok....

How to configure this with one official IP? For ActiveSync I need the client
certificate authentication.

Thanks.
Regards,
B. Wolf
reply

 

Didn't Find The Answer You Were Looking For?
View ISA Posts   Ask A New Question

EggHeadCafe has experts online right now that may know the answer to your question.  We pay them a bonus for answering as many questions as they can.  So, why not help them and yourself by becoming a member (free) and ask them your question right now?
Ask Question In Live Forum

If you have an OpenID and do not want to become a member of the EggHeadCafe forum, you can also sign on to Chat Chaos and post your question to our real time Silverlight chat application.
Ask Question In Chat Chaos

Previous ISA conversation.

ISA    ISA Configuration    ISA Server   






  $1000 Contest    [)ia6l0 iii - $228  |  Jonathan VH - $161  |  Huggy Bear - $135  |  F Cali - $95  |  egg egg - $94  |  more Advertise  |  Privacy  |   (c) 2010