[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Security certificate does not work with certain browsers

Posted on 2009-02-11
2
Medium Priority
?
668 Views
Last Modified: 2013-11-16
We have a security certificate issued by Network Solutions. We have found that some browsers do not recognize the certificate as valid and will issue a warning (ex: Safari) IE seems to work fine. Firefox will work but I just spoke with a customer whi had an add on called Perspective installed which validates the security and it was blocking the site.
url is www.chainc.com click on the "enter" icon
0
Comment
Question by:jrickercha
1 Comment
 
LVL 31

Accepted Solution

by:
Paranormastic earned 2000 total points
ID: 23622989
The issue is the root certificate is not in the trusted root store for the problematic applications.  IE is almost always the first one companies try to get included to, for obvious reasons of popularity of the browser.  Network solutions needs to get in touch with these various companies and get their root certificate included into their products - it is somewhat common.

This is one reason why Verisign costs the big bucks - they are almost always included in everything.  The term you are looking for would be "browser ubiquity" as far as what percentage of users should be able to validate automatically using their various products.  If it isn't at least 99% then keep looking - most will have 99.8 or 99.9% ubiquity (nobody can technically guarantee 100% because someone can make a product and sell it today that doesn't include anybody, just to cause a lawsuit against whoever was crazy enough to try to say they were 100%).

Many times getting the user to update their software to the latest version will be sufficient, at least for the more popular products like IE, Safari, FF, and Opera.  If that doesn't work, you should be able to email or link to the root certificate so that the user can import it into the trusted root store of their program - here is a link to a different certificate provider that happens to have pretty good instructions for a number of products all centrally located - adapt to your environment:
http://wiki.cacert.org/wiki/BrowserClients
http://wiki.cacert.org/wiki/ImportRootCert

From a quick look it looks like Network Solutions is using the 'UTN-UserFirst-Hardware' root certificate, which is currently owned by Comodo.  Comodo's root certificate repository is located here:
http://www.comodo.com/repository/
The UTN root can be downloaded directly from here:
http://crt.comodoca.com/UTN-USERFirst-Hardware.crt
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
If you are like me and like multiple layers of protection, read on!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question