The venerable Microsoft Forefront TMG 2010 firewall has served capably for many years now, but it is beginning to show its age. For example, many web sites are now using modern SSL certificates with stronger cipher suites and hashing algorithms. When HTTPS inspection is enabled on the TMG firewall in its default configuration, some web sites that use these new certificates may not be accessible. To address this issue, some additional advanced configuration will be required. Be sure to read my latest article on ISAserver.org to learn how to implement this workaround.