Thursday, September 27, 2012 5:37 PMI am publishing a non-IIS hosted website. This website uses a certificate (site1.company.com). I do not have the ability to export with private key. I can request a new certificate with the same subject name (Site1.company.com) to use on the TMG listener. This cert will have different expiration date and keys. Will This be an issue if the subject names are the same?
Thursday, September 27, 2012 6:40 PM
no problem. If you use HTTPS to HTTPS bridging you can use any certificate on the Listener of the TMG Server. You must make sure that the DNS name can be correctly resolved by DNS and the CN (Common Name) of the certificate installed on the internal webserver matches the name you use in the TMG Webserver publishing rule
regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de
Tuesday, October 02, 2012 3:07 PM
Thanks for the response Marc.
So essentially the client/end-user only sees the certificate that is configured on the listener. And based on this I could use VeriSign on the listener and an internally issued cert for the internal web server, correct?
Is there any benefit to using the same cert on the web server and the TMG listener?