
[Solved] Microsoft Threat Management Gateway The target principal name is incorrect


Today I faced an issue while publishing my Microsoft Lync Web Services URL via Microsoft Threat Management Gateway. Every time I tested the TMG website rule, I got the error "The target principal name is incorrect". You can see the error in detail below:

Testing https://lync.domain.com:443/OWA/
Category: Destination server certificate error
Error details: 0x80090322 - The target principal name is incorrect.
After doing a lot of R&D I found the solution. I did not find any article covering it in detail, but a few blogs helped me a lot.

The issue is with the certificate CN (Common Name) used on the Lync Front End server (i.e. Lync External Web Services) and on the Threat Management Gateway side (the public name of the URL that you enter while creating the web publishing rule).

You need to import the certificate on both the Lync Front End server (use Lync Topology Builder to apply the certificate) and the TMG server. For example, if your Lync external web services name is lyncweb.domain.com, then the common name should be lyncweb.domain.com, with additional SANs for the other names you are going to use (e.g. dialin.domain.com etc.).

Also ensure that the public name of the URL you enter while creating the web publishing rule matches the Lync external web services name, otherwise it will not work.
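The name check described above can be run offline before touching the rule. The following is an added example, not part of the original post: it reports which certificate field (SAN or CN) covers each name used in the publishing rule. The certificate contents and the helper names `name_matches`, `matched_by` and `audit` are assumptions made for illustration; the host names follow the article's example.

```python
# Added example: offline check of publishing-rule names against a certificate.
# The certificate data below is constructed for illustration, not read from a server.

def name_matches(pattern: str, host: str) -> bool:
    """Case-insensitive match; '*' is accepted only as the whole leftmost label."""
    if not pattern or not host:
        return False
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label and never a bare top-level domain.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def matched_by(cert: dict, host: str):
    """Return 'SAN', 'CN' or None depending on which certificate field covers host."""
    if any(name_matches(san, host) for san in cert.get("san", [])):
        return "SAN"
    if name_matches(cert.get("cn", ""), host):
        return "CN"
    return None


def audit(cert: dict, names: list) -> dict:
    """Map every name used in the publishing rule to the field that covers it."""
    return {name: matched_by(cert, name) for name in names}


# Constructed certificate using the article's example names.
SAMPLE_CERT = {
    "cn": "lyncweb.domain.com",
    "san": ["lyncweb.domain.com", "dialin.domain.com"],
}

if __name__ == "__main__":
    # Names as they would be typed into the web publishing rule (constructed list).
    rule_names = ["lyncweb.domain.com", "dialin.domain.com", "lync.domain.com"]
    for name, field in audit(SAMPLE_CERT, rule_names).items():
        status = f"covered by {field}" if field else "NOT covered (name mismatch)"
        print(f"{name:22} {status}")
```

A name that comes back as not covered is one that would need to be added to the certificate request as a SAN, or corrected in the rule, before testing again.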
In the next article I will cover how to create a certificate request for TMG and how to import it on the TMG and Lync Front End servers.