Solved

SSL certificate is wildcard and non-windows browsers show as invalid certificate

Posted on 2008-06-26
5
514 Views
Last Modified: 2013-12-07
Our mail exchange administrator via GoDaddy purchased our SSL certificates as *.companyname.com

instead of servername.companyname.com

I can see the reasoning so that the certificate can toggle between various servers, yet FireFox and Safari browsers cannot identify the trusted certificate *.companyname.com with the sites defined servername.

Somewhere I read that via PowerShell in Exchange we can run a command so that *.companyname.com reflects as a trusted certificate
0
Comment
Question by:PROJHOPE
  • 2
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
danengle earned 400 total points
ID: 21877124
You need to ensure those non-windows browsers have godaddy.com added as a trusted root CA.

http://en.wikipedia.org/wiki/Certificate_authority
http://en.wikipedia.org/wiki/Root_certificate
0
 
LVL 17

Assisted Solution

by:fgrushevsky
fgrushevsky earned 100 total points
ID: 21877148
we use wildcard certificates with no problem , the Firefox that I am using identifies certificates as valid "SSL Server Certificate". where exactly do you see as "non trusted" when you use FF?
0
 

Author Comment

by:PROJHOPE
ID: 21877745
I am on the new Firefox 3.0 and trying to get to our sharepoint site I am stopped when I enter in the URL and hit enter

I do not get the pop up to allow or trust.  

I went to the Exchange server I exported the Trusted GoDaddy Ceritificate and also the private key (pfx)

In Firefox I went to preferences security and tried to import the Trusted GoDaddy.cer file...stated it already existed...

Ok so it isn't GoDaddy but our servers...so I go to Personal and import the private key

Successful.  When I close and reopen the browser I am shown again the untrusted certificate.


0
 
LVL 5

Expert Comment

by:danengle
ID: 21877890
when you close and reopen the browser, is the private key still present?  

Did you upgrade to FF3.0 from an older version or a clean install?  If upgrade, try a clean install and see if that remedies the situation.  It's possible some setting from the old version isn't working properly.  
0
 

Author Comment

by:PROJHOPE
ID: 21903058
The problem is our *.companyname.  We are a mixed environment and thus to keep everyone happy we are going to pay the $30.00 to get server specific SSL certificates.

Thanks All
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question