Solved

self-signed certificate problem

Posted on 2003-12-09
6
1,922 Views
Last Modified: 2007-12-19
I have made a self-signed certificate, transformed the certificate to Software Publisher Certificate and signed my cab file.

After I installed the certificate in "Trusted Root Certification Authorities" everything works as expected. That is, when I browse to the page on the remote site where I have placed the page and the cab file a security warning appear, "Do you want to install and run..", when I answer yes all files is extracted and my activex control shows in the browser.

The problem is that it does not work on other computers - even if I install the certificate in "Trusted Root Certification Authorities" on the other computer. I know that the problem is not any missing files (a normal installation works with the same files).

It just will not unpack and install the files. The security warning come up but nothing happens. Is this behavior by design for self-signed certificates?
0
Comment
Question by:rolftollerud
  • 3
  • 3
6 Comments
 
LVL 58

Expert Comment

by:amit_g
Comment Utility
There must be something else that is wrong - for example a intranet vs. internet zone. There is a difference between a self-signed and CA-signed certificate. The browser does not trust the certificate and so it treats the ActiveX being unsigned and so it does not download it for installation. In internet explorer go to Tools->Security->Custom Level and change the "Download unsigned ActiveX controls" from disable to prompt. Now the browser will ask you if it should download and tell you that the certificate is not trusted.

You can put your site in Trusted Sites and then IE will download and install it without any warning.
0
 
LVL 7

Author Comment

by:rolftollerud
Comment Utility
Changing to "Download unsigned ActiveX controls" makes no difference. I can not put put my site in Trusted Sites because it is not SSL enabled. Anyway, why does it work on the computer where I orginally made the certificate?
The site is http://mirabit.net/miracrm/default.htm, the control contains no spam-trojans or virus of any kind.

Regards
Rolf Tollerud
0
 
LVL 58

Accepted Solution

by:
amit_g earned 500 total points
Comment Utility
Your inf file has more entries than required. Extract the files from cab and put them in a folder. Right click on inf file and select install. This throws error. You need not put entries for files like comctl32.ocx. If you have those entries than you will have to include those ocx/dlls in your cab. Remove those entries and test the installation again. Do all this in a computer that doesn't have your components already installed. When your local install is done without any error, pack that set of inf with all dependent files and try it on the web page.

You can put any site as trusted. The default is https but you can take that option out. Please note that this is only to test. Do not put anything in trusted site unless you either own the site or know for quite sure that it is harmless.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 7

Author Comment

by:rolftollerud
Comment Utility
ok I got it working. The issue had to do with overflow in a routine that checked the number of color on the screen. The error didn't show up on my computes that was set to 16 bit color..

I  got some good out of this anyhow. I have to pack comctl32.ocx, but not with the option "download from MS site" because I want to avoid the obligatory restart at all cost. The 6.0.81.5 version from 5/22/200 is sufficient in  99% of all cases and there is no restart.

So if you only could confirm that it works (http://www.mirabit.net/miraocx/) click on the logo in upper left corner to activate the database I will award you the points. Don't forget to unregister windows/mira.ocx.

Thank you for the help and even for dowload of an unsigned control from somebody you don't know! It is amazing really the help you got here in EE.

Regards
Rolf Tollerud
0
 
LVL 58

Expert Comment

by:amit_g
Comment Utility
It works.

I downloaded it because I have seen you answering questions and helping other in Web Development TA. I assumed that a person helping others would not do anything to harm others :) I hope my assumption is correct.
0
 
LVL 7

Author Comment

by:rolftollerud
Comment Utility
thank you Amit, I hope I can return the favour sometimes!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

After uninstalling Opera browser (for example ver. 10.63), your attempts to open a web page by clicking on a URL link may fail with an error message.  The error is "This operation has been canceled due to restrictions in effect on this computer. Pleā€¦
#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now