When a backend web server that is published via UAG requires an SSL connection, UAG validates the certificate bound to the internal website, as in any normal SSL handshake.
This validation requires the backend server's certificate to be valid and trusted by UAG. The common name of the certificate must also match the name that UAG uses to connect to that server. Additionally, at least one of the CRL Distribution Points (CDPs) defined on that certificate and on the other certificates in the trust chain should be accessible by UAG, so that UAG can verify that the certificate has not been revoked. If any of these conditions is not met, the SSL handshake will fail. Depending on which condition is not met, make the appropriate configuration change to resolve the issue. For example, if the certificate is not trusted by UAG, install the issuer certificate in the Trusted Root CA folder of...
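
To find out which of the conditions above is failing, each one can be checked separately from the UAG server. The PowerShell below is an added example, not part of the original article and not a UAG tool. The host name is a placeholder, and it assumes the .NET chain engine is a reasonable stand-in for UAG's own validation.

```powershell
# Added diagnostic example. Run on the UAG server so that its trust stores
# and its network path to the CDPs are the ones being tested.
param(
    [string]$BackendHost = 'backend.example.internal',  # placeholder: the name UAG connects with
    [int]$Port = 443
)

# Fetch the backend certificate. The callback accepts anything so the handshake
# completes and each condition can be evaluated on its own below.
$tcp = New-Object System.Net.Sockets.TcpClient($BackendHost, $Port)
try {
    $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $accept)
    $ssl.AuthenticateAsClient($BackendHost)
    $leaf = [System.Security.Cryptography.X509Certificates.X509Certificate2]$ssl.RemoteCertificate
} finally { $tcp.Close() }

# Build the chain against the computer's certificate stores (machine context)
# with online revocation checking, which forces CRL retrieval from the CDPs.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain($true)
$chain.ChainPolicy.RevocationMode = 'Online'
$chain.ChainPolicy.RevocationFlag = 'ExcludeRoot'
[void]$chain.Build($leaf)
$status = @($chain.ChainStatus | ForEach-Object { $_.Status.ToString() })

# Condition 1: the chain ends in a root this server trusts.
$trusted = -not ($status -match 'UntrustedRoot|PartialChain')
# Condition 2: the common name matches the connection name. -like also handles
# a wildcard CN, but its '*' spans dots, so it is looser than TLS matching.
$cn = $leaf.GetNameInfo('SimpleName', $false)
$nameMatch = $BackendHost -like $cn
# Condition 3: revocation status could be determined from a reachable CDP.
$revChecked = -not ($status -match 'RevocationStatusUnknown|OfflineRevocation')

"Subject CN            : $cn"
"Trusted chain         : $trusted"
"Name matches host     : $nameMatch"
"Revocation checkable  : $revChecked"
"Chain status flags    : $($status -join ', ')"

# List the CDP extension (OID 2.5.29.31) of each certificate in the chain,
# showing the URLs that must be reachable from this server.
foreach ($el in $chain.ChainElements) {
    $cdp = $el.Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
    if ($cdp) { "CDPs for $($el.Certificate.Subject):"; $cdp.Format($true) }
}
```

A `False` on any of the three lines corresponds to one of the conditions described above, and the chain status flags give the specific reason reported by the chain engine.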