[isalist] Re: Certificate Problem

• From: D PIETRUSZKA USWRN INTERLINK INFRA GM <DPietruszka@xxxxxx>
• To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 19 May 2011 16:35:58 +0000

R u using the same cert. On TMG and the internal server?

Thanks
Diego

Having fun in Tech-Ed Atlanta!
Sent from my Windows Phone
________________________________
From: Rob Moore
Sent: Thursday, May 19, 2011 11:45 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Certificate Problem

Yeah, that’s how I did it—in the Computer certificate store. Thanks for the 
idea, though.

Rob

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jerry Young
Sent: Thursday, May 19, 2011 11:30 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Certificate Problem

Make sure the root and intermediary certificates are installed in the Computer 
certificate stores, not the User certificate stores.  The error is caused by 
some certificate in the chain not being installed on the server correctly.
On Thu, May 19, 2011 at 11:06 AM, Rob Moore 
<RMoore@xxxxxxxx<mailto:RMoore@xxxxxxxx>> wrote:
Hello All—

Has anyone run into this particular problem before? I’m trying to publish an RD 
Web Access site using TMG. I’ve configured RD Web Access on an internal server 
and it works internally. (Although when connecting to it I get a certificate 
error. I can connect anyway.) I can’t connect to it externally, though. I get 
this error:
“The certificate chain was issued by an authority that is not trusted. 
(-2146893019<tel:%28-2146893019>)”

I’ve tried buying a new cert (from Go Daddy). I followed the certificate 
installation instructions to the letter, including installation of the 
intermediate certificate, on both the TMG server and the internal server that 
is hosting the RD Web Access site. But when I do “Test Rule” on this rule, it 
tells me: “0x80090325 – The certificate chain was issued by an authority that 
is not trusted.” It suggests I see 
go.microsoft.com/fwlink/?LinkId=115965<http://go.microsoft.com/fwlink/?LinkId=115965>.
 All that says, though, is that I need to “Import the CA certificate.” I 
thought putting in the intermediate certificate did just that.

I have four other Go Daddy certs on the TMG server and they all work normally.

I’ve Googled these errors and mostly found the same advice, to install the CA 
certificate.

Any hints? Should I talk to the Go Daddy folks?

Thanks,
Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rob Moore
Network Manager
215-241-7870<tel:215-241-7870>
Helpdesk: 800-500-AFSC




--
Cordially yours,
Jerry G. Young II, CISSP
Microsoft Certified Systems Engineer
Young Consulting & Staffing Services Company - Owner
www.youngcss.com<http://www.youngcss.com/>

• Follow-Ups:
  • [isalist] Re: Certificate Problem
    • From: Rob Moore

• References:
  • [isalist] Certificate Problem
    • From: Rob Moore
  • [isalist] Re: Certificate Problem
    • From: Jerry Young
  • [isalist] Re: Certificate Problem
    • From: Rob Moore

Other related posts:

• » [isalist] Certificate Problem- Rob Moore
• » [isalist] Re: Certificate Problem- Jerry Young
• » [isalist] Re: Certificate Problem- Rob Moore
• » [isalist] Re: Certificate Problem - D PIETRUSZKA USWRN INTERLINK INFRA GM
• » [isalist] Re: Certificate Problem- Rob Moore
• » [isalist] Re: Certificate Problem- Jim Harrison
• » [isalist] Re: Certificate Problem- Rob Moore
• » [isalist] Re: Certificate Problem- D PIETRUSZKA USWRN INTERLINK INFRA GM
• » [isalist] Re: Certificate Problem- Rob Moore

1. Home
2. isalist
3. Archive
4. 05-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---