none
UAG "An unknown error occurred while processing the certificate. Contact the site administrator" RRS feed

  • Question

  • Hi,

    We have been facing an issue with UAG where UAG is unable to process the certificates on the back-end server properly. we get the same error as mentioned at http://blogs.technet.com/b/edgeaccessblog/archive/2010/03/31/an-unknown-error-occurred-while-processing-the-certificate.aspx and we have implemented the fix described in the blog post but to no good.

    There are two websites in specific which are not working;

    1. There is a Apache Server website on SSL

    2. There are 6 IIS servers load balanced through a SSL Load balancer.

    When connecting to these we get the above mentioned error. All other websites running internally on SSL are working fine. It's just that these two aren't.

    Any clues on what should be done?

    Cheers !!

    Wednesday, July 14, 2010 2:45 PM

Answers

  • Hi,

    Yes, the certificates were correct and they were published right. We have resolved the issue though. I dont have a technical justification as I am still trying to gather information. But we got it resolved by adjusting the way the application is published. We used the "Application Hostname" template and configured it to deploy as a web farm. In the servers list we added all the back-end server IP addresses and the internal name of the website as defined on the load balancer to be the first in the list. In our case the internal name and the external is the same.

    I will post the information later here on how that wasn't working before.

    • Marked as answer by Erez Benari Sunday, August 22, 2010 9:40 AM
    Friday, July 16, 2010 2:31 PM

All replies

  • I had a similar problem with a Lotus Notes webmail server...never managed to get it fixed :(
    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, July 14, 2010 4:22 PM
    Moderator
  • On the certificates that are failing could you check onthe CRL location, check that UAG can get to this location. Alsocheck that they are from a trusted publisher.
    Thursday, July 15, 2010 1:49 PM
  • Hi,

    Yes, the certificates were correct and they were published right. We have resolved the issue though. I dont have a technical justification as I am still trying to gather information. But we got it resolved by adjusting the way the application is published. We used the "Application Hostname" template and configured it to deploy as a web farm. In the servers list we added all the back-end server IP addresses and the internal name of the website as defined on the load balancer to be the first in the list. In our case the internal name and the external is the same.

    I will post the information later here on how that wasn't working before.

    • Marked as answer by Erez Benari Sunday, August 22, 2010 9:40 AM
    Friday, July 16, 2010 2:31 PM