Consider the following scenario:

  • You enable the SSL Inspection feature on a server that has Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 (SP1)installed.

  • You configure an HTTPS server that does not support Transport Layer Security (TLS) 1.0.

  • You try to access the server repeatedly by using a client computer that has Forefront TMG 2010 SP1 installed.

In this scenario, all attempts to access the server fail, and the Lsass.exe process leaks memory after every attempt. Additionally, the following event entry is logged for every attempt: Note To monitor the handle count of the Lsass.exe process, run the Process Explorer program, add a Handles column by selecting the Handle Count option from the Process Performance tab. For this issue, the handle count for the Lsass.exe process increases by 2-4 handles after each failed attempt.

Symptoms

This issue occurs because a handshake fails in TLS 1.0.

Cause

Update information

To resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:

2288910  Software Update 1 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

Resolution

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Status

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

More Information

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.