[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2951
  • Last Modified:

Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022)

We have an SBS 2003 Standard R2 environment with ISA Server 2006 Standard on a separate Windows Server 2003 machine (Dual NICs). We cannot figure out how to publish OWA or any other SSL encrypted site hosted on the SBS machine. I have been through everything I can think of and all I get is the error in the question title. Currently the web listener has the 3rd party SSL certificate from Thawte and the web server has a self-signed certificate created using the CEICW. The ISA server is a Domain Member. What am I missing?
0
dsasc
Asked:
dsasc
2 Solutions
 
BembiCEOCommented:
So, fist at all, you have two certificated, one between the client and the ISA, and a second between the ISA and your web server. The certificates must fit to the accessed domain to be valid. So the certificate for the client must be issued for your external domain name, whcih is used to connect to OWA, and the internal certificate must fit to the server name, which is used in ISA to connect to the Web-Server. Or you may decide to leave the internal communication unencrypted.

Read this:
http://www.isaserver.org/tutorials/error505.html 
0
 
kain21Commented:
Just to add a little more this, I'm guessing you likely have the "Forward original host header instead of the site name" check box enabled on the To tab of the rule publishing OWA.  If so, you should uncheck this box as the internal site name is different than the external one.  Something else you will need to verify is that the ISA server computer does not receive any certificate errors when it browses via SSL to the internal site name of OWA.  Since you have a self-signed cert, you may need to import the certificate you created with the CEICW into the Trusted Root Certification Authorities on your ISA Server to get rid of any certificate warnings.

Mike
0
 
dsascAuthor Commented:
I resolved this problem with a call to Microsoft support. Both suggestions were used in the resolution for this issue.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now