A Unified Communication Blog
Get Adobe Flash player

I was at a customer today to install a new TMG Enterprise with the Exchange 2010 Edge Transport role installed together with Forefront for Exchange 2010.
After the installation TMG didn’t update the Cloudmark antispam engine.

I installed Service pack 1 for TMG, and Software Update to SP1, and Exchange 2010 rollup 1, but nothing solved the problem. So I used the logging tool in TMG to see if there were any errors in connecting to Microsoft – and bingo.
I found the below error:
12226 The certification authority that issued the SSL server certificate supplied by a destination server is not trusted by the local computer.

The error tells me that the TMG blocks the request for lvc.cloudmark.com because I’m also is using HTTPS inspection in the TMG.
Nice error Microsoft !!!!
So to solve the problem I created an exception for lvc.cloudmark.com in the HTTPS policy.

But that didn’t solve the problem – the TMG still blocked the certificate so I also created an exception for the localhost in the HTTPS inspection, and now it worked .

The TMG afterwards updated the cloudmark engine successful.
Hope it can help others, until Microsoft changes the certificate for the cloudmark update servers.
/Joachim

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Search

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 71 other subscribers

Follow me on Twitter