Hi all, I know that this has been reviewed before; however, I still cannot connect with the UPS Worldship software through my ISA Server. I'm not an expert on ISA but I think I have set up everything correctly for the software to have direct access to www.uoss.ups.com. And when I examine the ISA logs I don't get an entry in the web proxy file, and I do get one in the Firewall log. The firewall log file and the ups trace file are given below, hopefully, somebody can see something that will help me out. I have connected successfully with Worldship on a computer without ISA. The only difference in the log files is that I don't get the "Peer's certificate has an invalid signature" error on the SSL_ForceHandshake, and everything connects correctly. My only guess is that ISA is still somehow messing with the SSL certificate, but I don't know why. Thanks, Michael Weber mweber@xxxxxxxxxxxx --------------------------------- FIREWALL log --------------------------------- 192.168.0.26, <user>, getHostIP.exe:3:5.1, N, 1/20/2004, 11:21:23, fwsrv, XTSERVER, -, www.uoss.ups.com, 153.2.72.100, 0, -, 0, 0, -, -, GHBN, -, -, -, 0, 0, -, Allow rule, 39, 0 192.168.0.26, <user>, ShipUps.exe:3:5.1, N, 1/20/2004, 11:21:23, fwsrv, XTSERVER, -, -, 153.2.72.100, 443, 31, 0, 0, 443, TCP, Connect, -, -, -, 0, 0, Internal access, Allow rule, 31, 109 192.168.0.26, <user>, ShipUps.exe:3:5.1, N, 1/20/2004, 11:21:23, fwsrv, XTSERVER, -, -, 153.2.72.100, 443, 94, 52, 1752, 443, TCP, Connect, -, -, -, 20000, 0, Internal access, Allow rule, 31, 109 --------------------------------- UPS log --------------------------------- Transact Version 2.0.12.0 NSS 2.7.1 Thread 1764 01/20/2004 11:15:34.944 appMsgId=TNT_REQ clientType=1 nPort=443 dwFlags=1 01/20/2004 11:15:34.944 reqInfoLen=251 reqAppDataLen=0 rcvTimeout=120, SndTimeout=30,DNSTimeout=5 01/20/2004 11:15:34.944 Connect: locked. 01/20/2004 11:15:34.944 Socket SetUp entered. 01/20/2004 11:15:34.944 Initializing NSS. 01/20/2004 11:15:34.944 Verifying security databases located at C:\WINDOWS\System32. 01/20/2004 11:15:34.991 SSL_ClearSessionCache completed. 01/20/2004 11:15:34.991 Connecting to : www.uoss.ups.com at port 443 01/20/2004 11:15:34.991 certdir = (C:\WINDOWS\System32) 01/20/2004 11:15:34.991 pszCommandLine = (www.uoss.ups.com 443 C:\WINDOWS\System32 99 GetHostIP1764.dat) ; pszImageModule = (C:\WINDOWS\System32/getHostIP.exe). 01/20/2004 11:15:35.412 Process getHostIP Successfully. 01/20/2004 11:15:35.412 PR_GetHostByName() succeed. 01/20/2004 11:15:35.412 Host IP address = (153.2.72.100) 01/20/2004 11:15:35.553 Error in function SSL_ForceHandshake: -8182 - Peer's certificate has an invalid signature. 01/20/2004 11:15:35.553 Connect: Unlocked. 01/20/2004 11:15:35.553 Total Elapsed Time=640,Time to process transaction=0,Time to resolve HOST IP =421,Time to make connection to HOST=484,Time to make handsake=78,Time to send HTTP request=0,Time to wait for HOST response=0,Time to receiving response message=0 01/20/2004 11:15:35.553 Transact API exited with return code 610, status code 3010. Elapsed time = 0:01