I am trying to get a Certificate issued by Windows 2003 certificate server trusted by a windows XP box. Both system are full up to date on service packs and hot fixes.
Procedure is as follows:
- Generate a certificate for my web site via 2003 certificate server
- Install in IIS on the Web Site
- https connect from client
- .... Cetrificate OK and matches but not trusted
- .... View certificate
- .... Install certificate using defaults
close browser & try again
On a W2K client this works fine, the certificate is used automatically on the next https session.
On XP on the next connection the same message about the issuer not being trusted is displayed. Cancel and look in the certificate store and the certificate is in place, valid and looks quite happy.
Are there any security options that I don't know about on how certificates are trusted?
Are there any relevant differences in XP on certificate store handling
do I need to do something like have my certificate server installed as a root authority?
Is this a bug?
Any other explanation to do with planetary alignment or reality?
Comments, answers, sympathy gratefull received