Solved

self-signed certificate problem

Posted on 2003-12-09
6
1,963 Views
Last Modified: 2007-12-19
I have made a self-signed certificate, transformed the certificate to Software Publisher Certificate and signed my cab file.

After I installed the certificate in "Trusted Root Certification Authorities" everything works as expected. That is, when I browse to the page on the remote site where I have placed the page and the cab file a security warning appear, "Do you want to install and run..", when I answer yes all files is extracted and my activex control shows in the browser.

The problem is that it does not work on other computers - even if I install the certificate in "Trusted Root Certification Authorities" on the other computer. I know that the problem is not any missing files (a normal installation works with the same files).

It just will not unpack and install the files. The security warning come up but nothing happens. Is this behavior by design for self-signed certificates?
0
Comment
Question by:rolftollerud
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 58

Expert Comment

by:amit_g
ID: 9908396
There must be something else that is wrong - for example a intranet vs. internet zone. There is a difference between a self-signed and CA-signed certificate. The browser does not trust the certificate and so it treats the ActiveX being unsigned and so it does not download it for installation. In internet explorer go to Tools->Security->Custom Level and change the "Download unsigned ActiveX controls" from disable to prompt. Now the browser will ask you if it should download and tell you that the certificate is not trusted.

You can put your site in Trusted Sites and then IE will download and install it without any warning.
0
 
LVL 7

Author Comment

by:rolftollerud
ID: 9910289
Changing to "Download unsigned ActiveX controls" makes no difference. I can not put put my site in Trusted Sites because it is not SSL enabled. Anyway, why does it work on the computer where I orginally made the certificate?
The site is http://mirabit.net/miracrm/default.htm, the control contains no spam-trojans or virus of any kind.

Regards
Rolf Tollerud
0
 
LVL 58

Accepted Solution

by:
amit_g earned 500 total points
ID: 9914310
Your inf file has more entries than required. Extract the files from cab and put them in a folder. Right click on inf file and select install. This throws error. You need not put entries for files like comctl32.ocx. If you have those entries than you will have to include those ocx/dlls in your cab. Remove those entries and test the installation again. Do all this in a computer that doesn't have your components already installed. When your local install is done without any error, pack that set of inf with all dependent files and try it on the web page.

You can put any site as trusted. The default is https but you can take that option out. Please note that this is only to test. Do not put anything in trusted site unless you either own the site or know for quite sure that it is harmless.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 7

Author Comment

by:rolftollerud
ID: 9921138
ok I got it working. The issue had to do with overflow in a routine that checked the number of color on the screen. The error didn't show up on my computes that was set to 16 bit color..

I  got some good out of this anyhow. I have to pack comctl32.ocx, but not with the option "download from MS site" because I want to avoid the obligatory restart at all cost. The 6.0.81.5 version from 5/22/200 is sufficient in  99% of all cases and there is no restart.

So if you only could confirm that it works (http://www.mirabit.net/miraocx/) click on the logo in upper left corner to activate the database I will award you the points. Don't forget to unregister windows/mira.ocx.

Thank you for the help and even for dowload of an unsigned control from somebody you don't know! It is amazing really the help you got here in EE.

Regards
Rolf Tollerud
0
 
LVL 58

Expert Comment

by:amit_g
ID: 9922589
It works.

I downloaded it because I have seen you answering questions and helping other in Web Development TA. I assumed that a person helping others would not do anything to harm others :) I hope my assumption is correct.
0
 
LVL 7

Author Comment

by:rolftollerud
ID: 9924042
thank you Amit, I hope I can return the favour sometimes!
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question