You are currently offline, waiting for your internet to reconnect

"HTTP/1.1 502 - Error 11 Bad format" error when you access SSL websites that use SAN certificates in Forefront TMG Server 2010 if a non-English version of a Windows operating system is installed

SYMPTOMS
Consider the following scenario:
  • You have a computer that is running a non-English version of a Windows operating system.
  • You enable the HTTPS Inspection feature in Microsoft Forefront Threat Management Gateway (TMG) Server 2010 that is installed on the computer.
  • You access certain Secure Sockets Layer (SSL) websites that use Subject Alternative Name certificates.
In this scenario, you may receive an error message that resembles the following:  
HTTP/1.1 502 - Error 11 Bad format.


Notes
  • This issue does not occur if you disable the HTTPS Inspection feature in Forefront TMG Server 2010.
  • This issue does not occur if the computer runs an English version of the Windows operating system.

CAUSE
This issue occurs because Forefront TMG Server 2010 has some hard-coded checks on non-localized strings for the SAN extension checks.
RESOLUTION
To resolve this issue, install the hotfix that is described in the following Microsoft Knowledge Base (KB) article:
2498770 Description of the TMG Server rollup package
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
MORE INFORMATION
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates


Properties

Article ID: 2472894 - Last Review: 02/25/2011 09:28:00 - Revision: 1.0

Microsoft Forefront Threat Management Gateway 2010 Enterprise, Microsoft Forefront Threat Management Gateway 2010 Service Pack 1, Microsoft Forefront Threat Management Gateway 2010 Standard

  • kbqfe kbsurveynew kbfix kbexpertiseinter KB2472894
Feedback