Solved

Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022)

Posted on 2009-05-12
3
2,655 Views
Last Modified: 2012-05-06
We have an SBS 2003 Standard R2 environment with ISA Server 2006 Standard on a separate Windows Server 2003 machine (Dual NICs). We cannot figure out how to publish OWA or any other SSL encrypted site hosted on the SBS machine. I have been through everything I can think of and all I get is the error in the question title. Currently the web listener has the 3rd party SSL certificate from Thawte and the web server has a self-signed certificate created using the CEICW. The ISA server is a Domain Member. What am I missing?
0
Comment
Question by:dsasc
3 Comments
 
LVL 35

Accepted Solution

by:
Bembi earned 250 total points
ID: 24362879
So, fist at all, you have two certificated, one between the client and the ISA, and a second between the ISA and your web server. The certificates must fit to the accessed domain to be valid. So the certificate for the client must be issued for your external domain name, whcih is used to connect to OWA, and the internal certificate must fit to the server name, which is used in ISA to connect to the Web-Server. Or you may decide to leave the internal communication unencrypted.

Read this:
http://www.isaserver.org/tutorials/error505.html 
0
 
LVL 8

Assisted Solution

by:kain21
kain21 earned 250 total points
ID: 24364335
Just to add a little more this, I'm guessing you likely have the "Forward original host header instead of the site name" check box enabled on the To tab of the rule publishing OWA.  If so, you should uncheck this box as the internal site name is different than the external one.  Something else you will need to verify is that the ISA server computer does not receive any certificate errors when it browses via SSL to the internal site name of OWA.  Since you have a self-signed cert, you may need to import the certificate you created with the CEICW into the Trusted Root Certification Authorities on your ISA Server to get rid of any certificate warnings.

Mike
0
 

Author Closing Comment

by:dsasc
ID: 31580457
I resolved this problem with a call to Microsoft support. Both suggestions were used in the resolution for this issue.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WSUS server configuration issue 5 254
2012 identify is there are active sessions 8 228
VPN setup through TMG 1 394
Web Filtering software, alternative to Bloxx/WebMarshal 4 671
ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now