Hi ,
As you stated that TMG act as reverse proxy and handling SSL offloading then nothing needs to be done on the SM side in terms of certificate. The Reverse proxy terminates the HTTPS connection then opens new HTTP connection to the SM.
Thanks & Regards,
S. Ram
Regards,
Ram.S