Link to home
Start Free TrialLog in
Avatar of mdennis4422
mdennis4422Flag for United States of America

asked on

Certificate error with Website on some terminal servers and not others.

I have a particular site that my users hit on a regular basis.  I have two sites where Terminal services resides.  In my primary site, users can hit mentioned website and everything opens properly.  In my Backup site however they get an error about the certificate. THis error only occurs from my terminal servers.  All Terminal servers are Windows 2003 R2, IE7, and the Root Authority is trusted on Both Servers. I have ran RSOP to make sure that the Group Policies are being applied properly and the results are identical.  The only real difference is the Physical Location and the path to the internet. From My laptop in the Backup Site I can hit the website without issue.  I have attached screenshots of the certificate information one from a working server in the primary site and one from a non-working server in the backup site.  On both instances the root certificate authority is trusted.  I have hit a brick wall, any help would be appreciated.
Cert-Error.doc
Avatar of Paranormastic
Paranormastic
Flag of United States of America image
I'm guessing the problem one is the upper half, working lower half.  The upper right pic shows that the root certificate chain is not installed, only the server cert.  I would imagine the error is that it could not be trusted.

For some reason I am having difficulty finding their root chain for direct download, but here are a couple easy alternative methods:
1) Check the email that you got your certs in - they may have the root and intermediate certs attached or a download link there.
2) Open up Certificates MMC and look in the trusted root certificate store for:
"UTN - USERFirst-Hardware" and export that.  Also look here and if not here then in Intermediate store (may be in both or one or the other, either way is OK usually) - "Network Solutions Certificate Authority" and export that as well.

Copy them to your backup server and import them - try manually putting them in the trusted root store for the first and intermediate store for the second.  If this is 2008 server (also do this for Vista, but I'm assuming that isn't running on your server) when selecting from the list check the box underneath for 'show physical stores' prior to putting it in there for each.  For 2003 shouldn't matter if you do or don't, but if still giving you problems can try that.

ASKER CERTIFIED SOLUTION
Avatar of mdennis4422
mdennis4422
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial