Article ID: 960248 - View products that this article applies to.
When you configure an Active Directory repository to act as an alternate server in Microsoft Intelligent Application Gateway (IAG) 2007, the following error message is returned to the IAG administrator when the repository configuration is completed:
This problem occurs if the Secure Port check box is selected to enable Secure Sockets Layer (SSL) for the alternate server.
The server connection settings are invalid.
Error Message: Invalid alternate server. Make sure the settings are correct, the server is functioning, and the access to server is not blocked by the firewall.
Note The error occurs even if the settings are correct.
This problem occurs because IAG requires that the server is defined by using a fully qualified domain name (FQDN) when you use an SSL connection for a repository server verification. However, for an alternate server, IAG 2007 translates an FQDN to an IP address. Therefore, a server verification failure occurs.
Update informationTo resolve this problem, install Update 1 for Intelligent Application Gateway (IAG) 2007 Service Pack 2 (SP2). This update is described in the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/968384/ )Description of Update 1 for Intelligent Application Gateway 2007 Service Pack 2
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Steps to reproduce the behavior
Additionally, a schannel event shows that an error occurs for the IP address that corresponds to the host name that is used for the secondary server setting. This error occurs because SSL negotiation uses the IP address instead of the host name. However, because the connection is using SSL, the certificate does not match the IP address and causes a failure. The schannel event resembles the following:
Event ID 36884
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates