I was somewhat taken aback to see that my SSL sites were receiving “F” grades!Īfter a little digging, I determined that the root cause of the safety warnings was not my certificates or the configuration of Forefront TMG, but rather the significantly outdated security settings in use by Windows Server 2008 R2 (the most recent version of Windows Server on which Forefront TMG 2010 was supported). I utilized the outstanding SSL Server Test page hosted at Qualys SSL Labs ( ) to diagnose the issue. I verified that the certificates were valid, CRLs were accessible, Forefront TMG was working without errors, etc… but the warnings still persisted. Recently, I noticed that up-to-date versions of several browsers (especially Chrome) were flagging HTTPS URLs from those sites as having questionable security. I manage a number of networks which use Microsoft Forefront TMG 2010 as the primary firewall and reverse proxy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |