?
Solved

Intranet Certificate

Posted on 1999-11-08
10
Medium Priority
?
597 Views
Last Modified: 2013-12-25
I have a certificate that I created w/ MS Certificate Server that I would like to use on an Intranet.  How do I resolve the issue of the site warning the visitor that the certificate is from an untrusted source.  I believe this must be done on the client's browser?  Can this been done programmatically like thru ASP or something?

Thanx,
butlertg
0
Comment
Question by:butlertg
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 18

Expert Comment

by:mgfranz
ID: 2191981
I am not positive, but I think this will help...
http://www.microsoft.com/security/tech/Certificates/enroll.asp?RLD=287

There are security levels that can be set on IE that could have an effect on the certs.

Mark
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 2192003
I don't think you can program that.  For something to come from
a trusted host it must be signed from at trusted CA (There are very
few...  Verisign)

CJ
0
 
LVL 9

Expert Comment

by:TTom
ID: 2192541
The answer is that each browser will have to contact the server which issued the certificate and install the root certificate.  I do not think you can do this programmatically.

At one time, I was fairly certain that there was an option in IE4 and/or 5 to "add the issuer to the trusted issuers list", but I have been unable to confirm that with M$ or any of my regular sources.

Tom
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 

Author Comment

by:butlertg
ID: 2192552
So is there no way to use a "home-made" certificate w/o getting those warnings?  I mean without changing the option in every users browser.

butlertg
0
 
LVL 9

Accepted Solution

by:
TTom earned 400 total points
ID: 2192583
Not that I know of.

You should be aware that, properly handled, these warnings are a one time event.  As soon as you install the root cert for the server and accept the cert in the client, the warnings will never again appear (unitl the cert expires or something like that).

There is no option to be changed.  It's just that the browser needs to add the cert to its list of "acceptable" certs.

Tom
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 2193913
If you notice sometimes you will even get M$ certificate warnings.
Trust me if there was a way to do it programmatically ... they would
have done it.

CJ
0
 
LVL 3

Expert Comment

by:monas
ID: 2194135
[As cheekycj noted] you can prevent them by asking versign [www.versisign.com] or some other trusted CA to sign your key.
0
 
LVL 9

Expert Comment

by:TTom
ID: 2194172
Verisign (or any other trusted CA) will probably not "sign" your key, but, rather, sell you their own certificate.  This defeats the purpose of creating a M$ certificate in the first place.
0
 
LVL 3

Expert Comment

by:monas
ID: 2194193
Well, I think they could sign yours. But the price will be the same.

The reason for generating your own vs buing from say verisign is that in case you generate it, certificate's secret key _NEVER_ leaves your hands and NO ONE but you have it. This could make difference for paranoid. And if you are using SSL you should be one.
0
 

Author Comment

by:butlertg
ID: 2196913
Thanx to everybody for your help!!
Hopefully I these problems will be acceptable to users.  Dang M$!

butlertg
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Magento is the best technology for eCommerce start-ups as it offers the technical expertise and visual appeal to create a store that pulls sales and earns high ROI (Return on investment).
This article is about the challenges faced by Android app developers.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).
Suggested Courses
Course of the Month6 days, 22 hours left to enroll

593 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question