That's not what the error message is telling you. What it's saying is that the common name in the certificate does not match the destinaiton hostname specified in the publishing rule. ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ruba Al-Omari Sent: Wed 7/5/2006 9:20 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: CA I checked the certificate installed on the webserver and the one on the ISA and they match, what else should I check? Also If I install a third NIC on the ISA that belongs to the DMZ (that the second NIC belongs to) and create a second weblistener there, will that work? I have avaliable public IPs on teh "hardware" firewall (and wildcard certificates are quiet expensive.) One last thing, does the ISA publish an Apache server? Thanks, r. On 7/5/06, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: That error tells you that they don't match between the ISA and the published server. ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Ruba Al-Omari Sent: Wed 7/5/2006 4:06 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] CA am doing this testing CA, I followed the article from Dr. Tom (Publishing 2 websites with the same web listener), the OWA is working ok, it listens to the wild card certificate and redirect to the webmail certificate, but the other site, it listens to the wildcard certificate, then get me the outlook FBA logon screen (which I don't like, but I will check it later), then after authentication I receive the error: * Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022) I am sure the name on the certificate is the same name at the public DNS and internal DNS and publishing rule, any advice? Thanks, r. All mail to and from this domain is GFI-scanned. All mail to and from this domain is GFI-scanned.