• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2009
  • Last Modified:

self-signed certificate problem

I have made a self-signed certificate, transformed the certificate to Software Publisher Certificate and signed my cab file.

After I installed the certificate in "Trusted Root Certification Authorities" everything works as expected. That is, when I browse to the page on the remote site where I have placed the page and the cab file a security warning appear, "Do you want to install and run..", when I answer yes all files is extracted and my activex control shows in the browser.

The problem is that it does not work on other computers - even if I install the certificate in "Trusted Root Certification Authorities" on the other computer. I know that the problem is not any missing files (a normal installation works with the same files).

It just will not unpack and install the files. The security warning come up but nothing happens. Is this behavior by design for self-signed certificates?
0
rolftollerud
Asked:
rolftollerud
  • 3
  • 3
1 Solution
 
amit_gCommented:
There must be something else that is wrong - for example a intranet vs. internet zone. There is a difference between a self-signed and CA-signed certificate. The browser does not trust the certificate and so it treats the ActiveX being unsigned and so it does not download it for installation. In internet explorer go to Tools->Security->Custom Level and change the "Download unsigned ActiveX controls" from disable to prompt. Now the browser will ask you if it should download and tell you that the certificate is not trusted.

You can put your site in Trusted Sites and then IE will download and install it without any warning.
0
 
rolftollerudAuthor Commented:
Changing to "Download unsigned ActiveX controls" makes no difference. I can not put put my site in Trusted Sites because it is not SSL enabled. Anyway, why does it work on the computer where I orginally made the certificate?
The site is http://mirabit.net/miracrm/default.htm, the control contains no spam-trojans or virus of any kind.

Regards
Rolf Tollerud
0
 
amit_gCommented:
Your inf file has more entries than required. Extract the files from cab and put them in a folder. Right click on inf file and select install. This throws error. You need not put entries for files like comctl32.ocx. If you have those entries than you will have to include those ocx/dlls in your cab. Remove those entries and test the installation again. Do all this in a computer that doesn't have your components already installed. When your local install is done without any error, pack that set of inf with all dependent files and try it on the web page.

You can put any site as trusted. The default is https but you can take that option out. Please note that this is only to test. Do not put anything in trusted site unless you either own the site or know for quite sure that it is harmless.
0
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

 
rolftollerudAuthor Commented:
ok I got it working. The issue had to do with overflow in a routine that checked the number of color on the screen. The error didn't show up on my computes that was set to 16 bit color..

I  got some good out of this anyhow. I have to pack comctl32.ocx, but not with the option "download from MS site" because I want to avoid the obligatory restart at all cost. The 6.0.81.5 version from 5/22/200 is sufficient in  99% of all cases and there is no restart.

So if you only could confirm that it works (http://www.mirabit.net/miraocx/) click on the logo in upper left corner to activate the database I will award you the points. Don't forget to unregister windows/mira.ocx.

Thank you for the help and even for dowload of an unsigned control from somebody you don't know! It is amazing really the help you got here in EE.

Regards
Rolf Tollerud
0
 
amit_gCommented:
It works.

I downloaded it because I have seen you answering questions and helping other in Web Development TA. I assumed that a person helping others would not do anything to harm others :) I hope my assumption is correct.
0
 
rolftollerudAuthor Commented:
thank you Amit, I hope I can return the favour sometimes!
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now