500 Internal Server Error - The certificate chain was issued by an authority
that is not trusted. (-2146893019)
Internet Security and Acceleration Server.
I created and installed a certificate that matches the external FQDN. The
companyweb page works at https://xxx.domain.com:444. Any clues?
At the server, can you https://servename/remote, and
https://servername:444? If there is any error, please write the exact error
down. (Note: You may receive an IE warning but it is OK.)
Check IIS, is the Default Website's cert name called
"Publishing.domain.local" and the ISA's Incoming Web Request's cert name
called "xxx.domain.com"?
Ray Fong
Microsoft SBS Product Support
This posting is provided "AS IS" with no warranties, and confers no rights.
I think I did it with CEICW, but I might have re-done it manually (either
the creation or the installation) when I found things not working.
>
> At the server, can you https://servename/remote, and
> https://servername:444? If there is any error, please write the exact
error
> down. (Note: You may receive an IE warning but it is OK.)
Both of these work fine-- no error messages.
>
> Check IIS, is the Default Website's cert name called
> "Publishing.domain.local" and the ISA's Incoming Web Request's cert name
> called "xxx.domain.com"?
The Default web site's cert name is xxx.dyndns.biz (this is a dynamic DNS
host name and what we'll be using to access the server remotely). ISA's
Incoming Web request cert name is also xxx.dyndns.biz.
This isn't a big deal right now; the two principals can be set to use VPN
from home, after which everything else will work really great. Sooner or
later, though, I fear we'll get the "Internet kiosk" question, so I want to
be prepared.
Basically, all the SSL request will be descrpt by ISA's xxx.dnydns.bis
incoming web request, then ISA will reencrypt the traffic and send to
"Publishing.domain.local". That's why the publishing rules created by SBS
in ISA is redirected to "Publishing.domain.local" located in your IIS.
Ray Fong
Microsoft SBS Product Support
This posting is provided "AS IS" with no warranties, and confers no rights.
-