Win2k3 Certificates not accepted as Trusted Authority

S

Steven

Hello,

I'm running Win2K3 R2 and Exchange 2003 and installed Certification
Authority to process certs for OWA. When a user clicks to trust/install the
certificate during an OWA session the cert is never saved to the Trusted Root
Certificate Authority section of their browser and they are prompted the next
time they log on to trust /install the cert. Manually copying the .cer file
and adding it to the local computer (even directly to the Trusted Root
Certificate Authority container) has no affect. Please help, any assistance
is greatly appreciated.
 
S

Steven

Thanks for the response, I used this procedure exactly:
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html

"Brian Komar (MVP)" wrote:

> How did you set up the CA?
> Did you follow the best practices in the whitepaper available at
> www.microsoft.com/pkl
> Did you use certutil to publish the root CA certificate as a trusted root
> authority for the forest?
> Brian
>
> "Steven" <Steven@discussions.microsoft.com> wrote in message
> news:69FFAB5D-52A0-45C6-B908-57DE64C19F30@microsoft.com...
> > Hello,
> >
> > I'm running Win2K3 R2 and Exchange 2003 and installed Certification
> > Authority to process certs for OWA. When a user clicks to trust/install
> > the
> > certificate during an OWA session the cert is never saved to the Trusted
> > Root
> > Certificate Authority section of their browser and they are prompted the
> > next
> > time they log on to trust /install the cert. Manually copying the .cer
> > file
> > and adding it to the local computer (even directly to the Trusted Root
> > Certificate Authority container) has no affect. Please help, any
> > assistance
> > is greatly appreciated.
>
 
B

Brian Komar \(MVP\)

Although the procedure installs a CA and installas an SSL certificate, it is
a far cry from properly setting up a PKI and establishing certificate trust
in the enterprise.
Please look for the best practices whitepaper I referenced.
You have a long way to go on the PKI front for your deployment.
Brian

"Steven" <Steven@discussions.microsoft.com> wrote in message
news:2EF63311-1126-4115-932E-E366B8C861F8@microsoft.com...
> Thanks for the response, I used this procedure exactly:
> http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
>
> "Brian Komar (MVP)" wrote:
>
>> How did you set up the CA?
>> Did you follow the best practices in the whitepaper available at
>> www.microsoft.com/pkl
>> Did you use certutil to publish the root CA certificate as a trusted root
>> authority for the forest?
>> Brian
>>
>> "Steven" <Steven@discussions.microsoft.com> wrote in message
>> news:69FFAB5D-52A0-45C6-B908-57DE64C19F30@microsoft.com...
>> > Hello,
>> >
>> > I'm running Win2K3 R2 and Exchange 2003 and installed Certification
>> > Authority to process certs for OWA. When a user clicks to trust/install
>> > the
>> > certificate during an OWA session the cert is never saved to the
>> > Trusted
>> > Root
>> > Certificate Authority section of their browser and they are prompted
>> > the
>> > next
>> > time they log on to trust /install the cert. Manually copying the .cer
>> > file
>> > and adding it to the local computer (even directly to the Trusted Root
>> > Certificate Authority container) has no affect. Please help, any
>> > assistance
>> > is greatly appreciated.
>>
 
D

Dan

Brian, for the convience of the poster and because I was interested as well,
I tried your web link with the following result:

the web link is not found and it gives you a list of options. Which is best
for the user to choose.

http://www.microsoft.com/pkl

We are sorry, the page you requested cannot be found.
See below for search results close to your request, or try a new search.

Unless I copied and copied your web link incorrectly which is entirely
possibly since I am but a human computer user. <smile>

"Brian Komar (MVP)" wrote:

> Although the procedure installs a CA and installas an SSL certificate, it is
> a far cry from properly setting up a PKI and establishing certificate trust
> in the enterprise.
> Please look for the best practices whitepaper I referenced.
> You have a long way to go on the PKI front for your deployment.
> Brian
>
> "Steven" <Steven@discussions.microsoft.com> wrote in message
> news:2EF63311-1126-4115-932E-E366B8C861F8@microsoft.com...
> > Thanks for the response, I used this procedure exactly:
> > http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
> >
> > "Brian Komar (MVP)" wrote:
> >
> >> How did you set up the CA?
> >> Did you follow the best practices in the whitepaper available at
> >> www.microsoft.com/pkl
> >> Did you use certutil to publish the root CA certificate as a trusted root
> >> authority for the forest?
> >> Brian
> >>
> >> "Steven" <Steven@discussions.microsoft.com> wrote in message
> >> news:69FFAB5D-52A0-45C6-B908-57DE64C19F30@microsoft.com...
> >> > Hello,
> >> >
> >> > I'm running Win2K3 R2 and Exchange 2003 and installed Certification
> >> > Authority to process certs for OWA. When a user clicks to trust/install
> >> > the
> >> > certificate during an OWA session the cert is never saved to the
> >> > Trusted
> >> > Root
> >> > Certificate Authority section of their browser and they are prompted
> >> > the
> >> > next
> >> > time they log on to trust /install the cert. Manually copying the .cer
> >> > file
> >> > and adding it to the local computer (even directly to the Trusted Root
> >> > Certificate Authority container) has no affect. Please help, any
> >> > assistance
> >> > is greatly appreciated.
> >>
>
 
B

Brian Komar \(MVP\)

Sorry for the typo. But I still figured that anyone could figure out a type
for pkl vs pki <G>.
www.microsoft.com/pki
Brian

"Dan" <Dan@discussions.microsoft.com> wrote in message
news:46376CA4-571F-4526-B04C-CF00C47C9AE3@microsoft.com...
> Brian, for the convience of the poster and because I was interested as
> well,
> I tried your web link with the following result:
>
> the web link is not found and it gives you a list of options. Which is
> best
> for the user to choose.
>
> http://www.microsoft.com/pkl
>
> We are sorry, the page you requested cannot be found.
> See below for search results close to your request, or try a new search.
>
> Unless I copied and copied your web link incorrectly which is entirely
> possibly since I am but a human computer user. <smile>
>
> "Brian Komar (MVP)" wrote:
>
>> Although the procedure installs a CA and installas an SSL certificate, it
>> is
>> a far cry from properly setting up a PKI and establishing certificate
>> trust
>> in the enterprise.
>> Please look for the best practices whitepaper I referenced.
>> You have a long way to go on the PKI front for your deployment.
>> Brian
>>
>> "Steven" <Steven@discussions.microsoft.com> wrote in message
>> news:2EF63311-1126-4115-932E-E366B8C861F8@microsoft.com...
>> > Thanks for the response, I used this procedure exactly:
>> > http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
>> >
>> > "Brian Komar (MVP)" wrote:
>> >
>> >> How did you set up the CA?
>> >> Did you follow the best practices in the whitepaper available at
>> >> www.microsoft.com/pkl
>> >> Did you use certutil to publish the root CA certificate as a trusted
>> >> root
>> >> authority for the forest?
>> >> Brian
>> >>
>> >> "Steven" <Steven@discussions.microsoft.com> wrote in message
>> >> news:69FFAB5D-52A0-45C6-B908-57DE64C19F30@microsoft.com...
>> >> > Hello,
>> >> >
>> >> > I'm running Win2K3 R2 and Exchange 2003 and installed Certification
>> >> > Authority to process certs for OWA. When a user clicks to
>> >> > trust/install
>> >> > the
>> >> > certificate during an OWA session the cert is never saved to the
>> >> > Trusted
>> >> > Root
>> >> > Certificate Authority section of their browser and they are prompted
>> >> > the
>> >> > next
>> >> > time they log on to trust /install the cert. Manually copying the
>> >> > .cer
>> >> > file
>> >> > and adding it to the local computer (even directly to the Trusted
>> >> > Root
>> >> > Certificate Authority container) has no affect. Please help, any
>> >> > assistance
>> >> > is greatly appreciated.
>> >>
>>
 
D

Dan

Of course, thanks <grin --- me and the slow brain activity on a Saturday in
the SouthWestern U.S.A.>

"Brian Komar (MVP)" wrote:

> Sorry for the typo. But I still figured that anyone could figure out a type
> for pkl vs pki <G>.
> www.microsoft.com/pki
> Brian
>
> "Dan" <Dan@discussions.microsoft.com> wrote in message
> news:46376CA4-571F-4526-B04C-CF00C47C9AE3@microsoft.com...
> > Brian, for the convience of the poster and because I was interested as
> > well,
> > I tried your web link with the following result:
> >
> > the web link is not found and it gives you a list of options. Which is
> > best
> > for the user to choose.
> >
> > http://www.microsoft.com/pkl
> >
> > We are sorry, the page you requested cannot be found.
> > See below for search results close to your request, or try a new search.
> >
> > Unless I copied and copied your web link incorrectly which is entirely
> > possibly since I am but a human computer user. <smile>
> >
> > "Brian Komar (MVP)" wrote:
> >
> >> Although the procedure installs a CA and installas an SSL certificate, it
> >> is
> >> a far cry from properly setting up a PKI and establishing certificate
> >> trust
> >> in the enterprise.
> >> Please look for the best practices whitepaper I referenced.
> >> You have a long way to go on the PKI front for your deployment.
> >> Brian
> >>
> >> "Steven" <Steven@discussions.microsoft.com> wrote in message
> >> news:2EF63311-1126-4115-932E-E366B8C861F8@microsoft.com...
> >> > Thanks for the response, I used this procedure exactly:
> >> > http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
> >> >
> >> > "Brian Komar (MVP)" wrote:
> >> >
> >> >> How did you set up the CA?
> >> >> Did you follow the best practices in the whitepaper available at
> >> >> www.microsoft.com/pkl
> >> >> Did you use certutil to publish the root CA certificate as a trusted
> >> >> root
> >> >> authority for the forest?
> >> >> Brian
> >> >>
> >> >> "Steven" <Steven@discussions.microsoft.com> wrote in message
> >> >> news:69FFAB5D-52A0-45C6-B908-57DE64C19F30@microsoft.com...
> >> >> > Hello,
> >> >> >
> >> >> > I'm running Win2K3 R2 and Exchange 2003 and installed Certification
> >> >> > Authority to process certs for OWA. When a user clicks to
> >> >> > trust/install
> >> >> > the
> >> >> > certificate during an OWA session the cert is never saved to the
> >> >> > Trusted
> >> >> > Root
> >> >> > Certificate Authority section of their browser and they are prompted
> >> >> > the
> >> >> > next
> >> >> > time they log on to trust /install the cert. Manually copying the
> >> >> > .cer
> >> >> > file
> >> >> > and adding it to the local computer (even directly to the Trusted
> >> >> > Root
> >> >> > Certificate Authority container) has no affect. Please help, any
> >> >> > assistance
> >> >> > is greatly appreciated.
> >> >>
> >>
>
 
You must log in or register to reply here.

Similar threads

D
OpenSSL Certificates used for NPS EAP - Reason Code 295 (CA certificates is not trusted by the policy provider)
Replies
0
Views
43
Dave Baddorf
D
N
Ignite 2022: What's new in Windows Server Azure Edition
Replies
0
Views
103
Ned Pyle
N
P
Microsoft certificate trust list publisher not valid for the selected purpose error causing issues connecting to many sites, apps, and windows update
Replies
0
Views
207
PlayfulShad0w
P
B
  • Article
Releasing Windows 10 Build 19044.1806 to Release Preview Channel
Replies
0
Views
263
Brandon LeBlanc
B
B
  • Article
Releasing Windows 11 Build 22000.776 to the Release Preview Channel
Replies
0
Views
271
Brandon LeBlanc
B
Back
Top Bottom