Avatar of netwrked

asked on 

Problem with Web Server Certificate when accessing site by IP Address

We have a specialized IIS 6.0 web server running under Server 2003 that one of our applications uses to transfer information between sites.  The site has a FQDN and the certificates are loaded properly on both the server and what would consider to be the "client" machine.

The "client" uses an automated process to access the web server.  However, due to configuration constraints, the "client" cannot use the FQDN, so it must access the system via the IP address.

The problem is that now the system hangs up on the "There is a problem with this website's security certificate" message.  Since this is an automated process, there is no way to "click" on "Continue to this website (not recommended)" link.

If you do go to the FQDN, the site works fine.  Unfortunately, that is not an option with the custom program we are using.  We must access via IP address only.

I see no way to issue a certificate based on IP address versus FQDN.  Does anyone know a registry setting or other fix that will always ignore the "Continue to this website...." message?


Web BrowsersSecurityWeb Servers

Avatar of undefined
Last Comment
Avatar of CoccoBill
Flag of Finland image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Paranormastic
Flag of United States of America image

Windows CA does allow issuing to IP addresses for the subject name.  What you would probably want to do is to issue the certificate using a Subject Alternative Name (SAN).  Basically you choose one name for the subject for the CSR, then when you submit to the certsrv page you use the Attributes field to include DNS=www.domain.com&IP=

Note that you need SAN enabled on the CA for this to work.  Refer to this document for more info:

If you are using public certs, consider a Unified Communications Certificate (UCC or UC Cert), sometimes referred to as multi-domain certificate.  Pretty much the same thing - you submit the CSR and then they provide a text field where you can just type in on separate lines what you want to be valid - these can be hostnames, IP addresses, DNS names/aliases, etc.  They cost a bit more but worth it when you need one.  Most commercial CAs will offer these (Verisign, Comodo, GoDaddy, etc.).
Avatar of netwrked


The self cert worked great since our CA does not allow IP's....many thanks!
Web Browsers
Web Browsers

Web browsers are applications used primarily to display documents, files and media from the Internet, identified by a Uniform Resource Identifier (URI) that can be a page, image, video or other file. Some browsers require the use of add-ons or extensions to safely render the information they receive; others have systems built into them to perform the same functions.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo