The ISA documentation How to Configure ISA SSL Bridging for System Center Configuration Manager Internet-Based Client Management has been updated with the following information:
Note: HTTP methods for the Internet-based software update point are not included because the HTTP verbs used by WSUS are not documented for the latest WSUS versions. However, previous versions document these as GET, HEAD, and POST and our preliminary testing confirms that these verbs are still used. If you want to increase security for the Internet-based software update point by restricting the HTTP verbs that are allowed, test this configuration yourself by using the instructions "To Modify the Web Publishing Rule to Enable the required HTTP Methods" and for the HTTP methods, substitute the following HTTP verbs: GET, HEAD and POST.
If you need to manually request certificates with a version of a Certification Authority (CA) that does not support Web enrollment for the computer store, see How to Request a Certificate With a Custom Subject Alternative Name for alternative certificate request methods.
This updated documentation has been published with the Community Content footer, so that you can share additional information about this scenario configuration with other customers.
Our thanks to Jim Harrison (Program Manager for Forefront TMG), Jason Jones (Forefront MVP), and Rachel Aldam (Technical Writer, Identify and Security Division) for their help in updating this documentation for our customers.
- Carol Bailey
This posting is provided "AS IS" with no warranties, and confers no rights.