hv352
asked on
Getting 'The security certificate for this site has been revoked' error even though that's not the case
Recently I removed a Certificate from my IE 6 on my Win2K Professional box (Tools > Internet Options > Content tab > Certificates button). The certificate was filed in the 'Other People' tab.
After the certificate was removed, I begin getting the error "The security certificate for this site has been revoked. This site cannot be trusted."
I am certain the server is fine as colleagues of mine are able to connect to that server without this problem. This happens only to my system and only after I removed that certificate, when I view it the 'General' tab shows: This certificate has been revoked by its certification authority.
I am behind a corporate firewall and the system in question is within the firewall, however I am going through a VPN tunnel to get into the network from a remote site.
I tried:
1. exporting the certificate from a colleague's machine and importing into mine, but this did not solve the problem. Even after the certificate is imported (it went into the 'Other People' tab in Certificates setting in IE.
2. re-installed IE 6 and updating all recommended security patches (using Windows Update)
I noticed that when I disconnect from the VPN tunnel and delted another certificate to an intranet server, that did not cause any problem. The deletion that cause the error occurred while I was connected to the VPN. I don't know why that would make a difference, but there it is.
Did I do something that trigger this revokation for my machine? Removing a certifcate should be a safe thing, right? Otherwise why would there be a remove button there?
Any gurus out there can help me with this? Thanks much,
After the certificate was removed, I begin getting the error "The security certificate for this site has been revoked. This site cannot be trusted."
I am certain the server is fine as colleagues of mine are able to connect to that server without this problem. This happens only to my system and only after I removed that certificate, when I view it the 'General' tab shows: This certificate has been revoked by its certification authority.
I am behind a corporate firewall and the system in question is within the firewall, however I am going through a VPN tunnel to get into the network from a remote site.
I tried:
1. exporting the certificate from a colleague's machine and importing into mine, but this did not solve the problem. Even after the certificate is imported (it went into the 'Other People' tab in Certificates setting in IE.
2. re-installed IE 6 and updating all recommended security patches (using Windows Update)
I noticed that when I disconnect from the VPN tunnel and delted another certificate to an intranet server, that did not cause any problem. The deletion that cause the error occurred while I was connected to the VPN. I don't know why that would make a difference, but there it is.
Did I do something that trigger this revokation for my machine? Removing a certifcate should be a safe thing, right? Otherwise why would there be a remove button there?
Any gurus out there can help me with this? Thanks much,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
If the CRL is the issue, then why would it work for other client systems but not for me? That would indicate the problem is specific to my machine, right? If the certificate actually is on the CRL, it would not work for anyone else either. But when I go to my colleague's machine to access the same site, I can get into the site fine. The problem occurs only on my machine, and only after I deleted that certificate from IE certificate setting. I had thought that would only delete the certificate so I would get prompted to approve it upon reaching the site, however it seemed to have done something else to invalidate my use of the site all together (is that possible?)
I cannot save the certificate in 'Trusted Ones' because that option does not exist. That is, in Tools > Internet Options > Content tab > Certificates button, from the 'Certificates' window, the only tables listed are: Personal, Other People, Intermediate Certification Authorities, and Trusted Root Certification Authorities. Is that usual? I'm running IE 6.0.2800.1106, SP1.
May thanks for your input.
I cannot save the certificate in 'Trusted Ones' because that option does not exist. That is, in Tools > Internet Options > Content tab > Certificates button, from the 'Certificates' window, the only tables listed are: Personal, Other People, Intermediate Certification Authorities, and Trusted Root Certification Authorities. Is that usual? I'm running IE 6.0.2800.1106, SP1.
May thanks for your input.
It depends on the difference between your and your colleagues' site. Also saving the certificate would be on the certificate itself.
When you try to access this site, have you tried opening the certificate ? What date does it say?
Can you post that url here, so that I can take a look ?
Cheers,
Rajesh
When you try to access this site, have you tried opening the certificate ? What date does it say?
Can you post that url here, so that I can take a look ?
Cheers,
Rajesh
ASKER
Hi Rajesh,
I can't post the URL because it's internal to my corporate network, but I tried the exact same URL from my machine as from my colleagues machine.
I cut-and-paste the URL in question to both myself and my colleague. When she clicked on her copy of the URL from the email on her machine, she can get in. When I click on the URL from the email on my machine, I see a pop up window that reads:
When I try to access that same URL from my machine, I see a pop up window that reads:
The security certificate for this site has been revoked.
I can't post the URL because it's internal to my corporate network, but I tried the exact same URL from my machine as from my colleagues machine.
I cut-and-paste the URL in question to both myself and my colleague. When she clicked on her copy of the URL from the email on her machine, she can get in. When I click on the URL from the email on my machine, I see a pop up window that reads:
When I try to access that same URL from my machine, I see a pop up window that reads:
The security certificate for this site has been revoked.
Ok, on your colleagues' computer, did you check if the certificate is installed in trusted certificates ? Also have you tried opening the certificate and read what is in there ?
Cheers,
Rajesh
Cheers,
Rajesh
ASKER
The certificate is not installed in trusted certificates at all on her machine.
When I wrote that my colleague can "get into the site", that is only after manually approving the certificate prompt that pops up. It reads:
Information you exchange with this site cannot be viewed or
changed by others. However, there is a problem with the site's
security certificate.
[icon of yellow yield sign with exclamation mark in middle] The security certificate was issued by a company you have
not chosen to trust. View the certificate to determine whether
you want to trust the ceritifying authority.
[icon of green circle with check mark in the middle] The security certificate is valid.
[icon of yellow yield sign with exclamation mark in middle] The name on the security certificate is invalid or does not
match the name of the site
Do you want to proceed?
Yes [button] No [button] View Certificates [button]
That is what I used to get before I removed the certificate from my IE setting. I clicked 'Yes' and I can get into the site. That is what happens also now on my colleague's machine.
However, now on my machine, going to the same URL gets me the pop-up:
The security certificate for this site hsas been revoked.
This site should not be trusted.
OK [button]
When I click OK, the popup goes away but I don't get into the site either.
When I wrote that my colleague can "get into the site", that is only after manually approving the certificate prompt that pops up. It reads:
Information you exchange with this site cannot be viewed or
changed by others. However, there is a problem with the site's
security certificate.
[icon of yellow yield sign with exclamation mark in middle] The security certificate was issued by a company you have
not chosen to trust. View the certificate to determine whether
you want to trust the ceritifying authority.
[icon of green circle with check mark in the middle] The security certificate is valid.
[icon of yellow yield sign with exclamation mark in middle] The name on the security certificate is invalid or does not
match the name of the site
Do you want to proceed?
Yes [button] No [button] View Certificates [button]
That is what I used to get before I removed the certificate from my IE setting. I clicked 'Yes' and I can get into the site. That is what happens also now on my colleague's machine.
However, now on my machine, going to the same URL gets me the pop-up:
The security certificate for this site hsas been revoked.
This site should not be trusted.
OK [button]
When I click OK, the popup goes away but I don't get into the site either.
Oh ok. so both of you had the same problem!
You need to check with the site guys. Can you post what site it is ? so that I can take a look ?
Cheers,
Rajesh
You need to check with the site guys. Can you post what site it is ? so that I can take a look ?
Cheers,
Rajesh
ASKER
Unfortunately I cannot post that site. As I mentioned before, that is a corporate site behind our corporate firewall. You will not be able to access it.
I know that makes it hard to diagnose but making that internal site available to the Internet is not an option.
I know that makes it hard to diagnose but making that internal site available to the Internet is not an option.
I understand...
The basic funda is explained as above. Now the certificate is expired, so you need to renew it, that is the bottom-line.
Cheers,
Rajesh
The basic funda is explained as above. Now the certificate is expired, so you need to renew it, that is the bottom-line.
Cheers,
Rajesh
ASKER
If the certificate is expired. Why is my colleague able to get in but I cannot? Back to square one?
ASKER
This is also not an EXPIRATION issue, it is a REVOCATION issues of the certificate. For some reason, the certification is revoked just for my machine (is that possible?)
No it is not your machine specific but without looking into it, it would be difficult to answer.
Cheers,
Rajesh
Cheers,
Rajesh
Forced accept.
Computer101
EE Admin
Computer101
EE Admin
http://www-new.experts-exchange.com/questions/22054655/Internet-Explorer-7-There-is-a-problem-with-this-website's-security-certificate.html
Cheers,
Rajesh