TMG 2010
Exchange 2010 server

1 x Wildcard SSL for domain

Installed the SSL on Exchange 2010, IIS7 (on EX server) and on TMG 2010

All appears good, BUT - Its not working

browsing to OWA I get "Error Code 500: Internal Server Error. The target principal name is incorrect"

Testing the OWA rule in TMG throws a similar error

I've read that I need to create a 2nd SSL from my Domain CA but not sure how to really do this or what SSL Cert goes where?

Any advise would be gratefully appreciated..