FIX: An application that uses port 443 to connect to a remote web server no longer works after HTTPSi is enabled in a Forefront Threat Management Gateway 2010 environment

Symptoms

You run an application that uses port 443 to connect to a remote web server in a Microsoft Forefront Threat Management Gateway 2010 environment. After you enable HTTPS inspection (HTTPSi), the application no longer functions.

Cause

This problem occurs because HTTPSi always performs a secure socket layer (SSL) handshake to the destination web server even if the web server is not running SSL.

Resolution

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:

2555840 Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 2Note After you install Service Pack 2, you can exclude the web servers from the inspection by adding them to the HTTPSi destination exclusion list.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

For more information about HTTPS inspection, visit the following Microsoft TechNet website:

Configuring HTTPS inspectionFor more information about how to exclude the web servers, visit the following Microsoft TechNet website:

Excluding sources and destinations from HTTPS inspectionFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×