I'm implementing an application behind Forefront TMG that needs to pass the following directly to the server:
https://server.domain.com
http://server.domain.com
https://server.domain.com:2020
I've got the web listener and firewall set up fine for https://server.domain.com - works fine.
I created a 2nd web listener for the same external IP, specifying to enable https on port 2020 (and using the same SSL certificate) and a firewall rule redirecting SSL to 2020 for this new web listener. (While the redirect requests to SSL port 2020 is checked, I'm not specifying a cert.)
For https://server.domain.com:2020 I get a Forefront error:
Error Code: 500 Internal Server Error. The certificate chain was issued by an authority that is not trusted. (-2146893019)
Now, I know there will be the SSL issue, but I need the request to go all the way to the server and have the server error message displayed, not from Forefront.
I'm looking for a method to get Forefront to ignore the SSL issue for 1 internal host on the private subnet and just pass directly to it, like traditional port forwards. Or maybe I'm missing something in the properties of the firewall rule I can change.
Any help would be appreciated. Thanks.