I am running an internal web server which has the public DNS https://xyz.com
This is accesible via our reverse proxy server (Apache) http://proxyserver.com
I have the problem when external users go to https://xyz.com, and try to install the self signed cerificate into the trusted root certificates for Internet explorer they are issued with the certifcate from our reverse proxy http://proxyserver.com
I know this works because on my home pc (outside of work, Vista) I am issued with the certificate from https://xyz.com.
So here are the steps
User uses IE and enters in https://xyz.com, they get a certifcate error, they then click on view certificates and see that the certifcate is for proxyserver.com ,not xyz.com.
Of course when they try to install the certifcate correctly everytime they go to xyz.com they will get the certificate error.