spinewr
asked on
Imported Certificate Problems - signing data with your private exchange key
Hi,
We have a website that requires certificates. We have imported the certificate onto our system (windows 2000 SP4) at a client site (not within our domain). When the user gets in to use the application, the application works but they receive continuous messages (depending on what we do within the application), with a window titled Private Key Container and is an informational window stating 'signing data with your private exchange key' but does not ask for a password. We did have two certificates for the same site on the system, but have since removed one eventhough it did ask us which one we wanted to use for the site.
We have reviewed security settings for the internet, SSL on the web server but have not found the culprit. We still have not tested it on another system at the client site, that is happening later this week.
If anyone understands why we are receiveing this informational window we would greatly appreciate the feedback.
Thanks
We have a website that requires certificates. We have imported the certificate onto our system (windows 2000 SP4) at a client site (not within our domain). When the user gets in to use the application, the application works but they receive continuous messages (depending on what we do within the application), with a window titled Private Key Container and is an informational window stating 'signing data with your private exchange key' but does not ask for a password. We did have two certificates for the same site on the system, but have since removed one eventhough it did ask us which one we wanted to use for the site.
We have reviewed security settings for the internet, SSL on the web server but have not found the culprit. We still have not tested it on another system at the client site, that is happening later this week.
If anyone understands why we are receiveing this informational window we would greatly appreciate the feedback.
Thanks
You need to make sure the cert is configured for the url you are using.
ASKER
Thanks for the info.
The cert is an actual working one for the application. It was exported and emailed to the client. The client imported it and here we are with this problem. I wish I was more familiar with configuring certs for urls, but I am not. Is there a way to check and make sure it is configured for the url? Or is there a way to check to see if it is corrupt?
Both of these answers could narrow down the hunt!
Thanks,
spinewr
The cert is an actual working one for the application. It was exported and emailed to the client. The client imported it and here we are with this problem. I wish I was more familiar with configuring certs for urls, but I am not. Is there a way to check and make sure it is configured for the url? Or is there a way to check to see if it is corrupt?
Both of these answers could narrow down the hunt!
Thanks,
spinewr
When you or verisign build the certificate you have to enter the url (or give it to them) of the site exactly so if its http://xxx.xxxxx.com that’s what you have to enter.
ASKER
Yes, after checking this out it was done correctly. Can anyone answer my other question? How can you tell you have a corrupt cert. The problem may just be on one pc and not all over. The problem is I need to have the certificate reissued or export the certificate onto the next box, but I can't tell if the certificate I am using is ok or not. I am also a long way from home so I can't test this exported cert on a box I know normally works.
Any help would be great!
Any help would be great!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.