Intermittent HTTP 500 error codes occur when you access a Forefront Unified Access Gateway 2010 portal

Applies to: Forefront Unified Access Gateway 2010Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

Symptoms


You may receive intermittent errors from the server that is running Microsoft Forefront Unified Access Gateway (UAG) 2010. These errors usually occur during the logon process, and you may receive an HTTP 500 error code. However, you may receive an HTTP 400 error code or Forefront UAG error code 152. This problem is frequently triggered by heavy load conditions on the Forefront UAG server.

If you perform tracing in Forefront UAG, encryption or decryption errors may occur that resemble the following in the trace:

[whlsecurityutilities CSSOHelpers::Decrypt SSOHelpers.cpp@524] ERROR:CryptoKey::Decrypt() BCryptDecrypt2 Status[-1073741762]
[whlsecurityutilities CSignatureHandler::RemoveSignature SignatureHandler.cpp@233] ERROR:CSSOHelpers::Decrypt failed

Cause


This problem occurs because of corruption of a shared memory buffer in a cryptographic key structure that Forefront UAG uses to encrypt and decrypt strings as part of its host address translation (HAT) signing process.

Resolution


To resolve this problem, install Service Pack 4 for Microsoft Forefront Unified Access Gateway 2010.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


See the terminology Microsoft uses to describe software updates.