Certificate is invalid

I have a Windows SBS 2003 setup for OWA. I have created a certificate on it.
I have an A record for mail.mydomainname.com
When I use Windows XP and IE7, I am able to install the certifictate by doing a  http://mail.mydomainname.com/certsrv.
I am not able to use IE7 with Windows Vista without getting a "certificate is invalid" message.
I do not want to have to purchase a third party certificate, if at all possible.
villartechAsked:
Who is Participating?
 
ParanormasticConnect With a Mentor Cryptographic EngineerCommented:
Check the certificate on the server - details tab - verify that the issuer name is not that server, but the CA server instead.

If you have multiple CAs (e.g. a root and subordinate) you need to have at least the root installed, preferably both CA certs.  The root cert should be in your trusted root certification authority store.  Checkmark the 'show physical stores'
when manually selecting the store to have available for all users.

PFX should only be on the server that the cert is issued to as it contains the private key.  The .cer that needs to be imported is only the CA server cert files, not the website cert - the website's .cer only needs to be available on the server.
0
 
lnkevinCommented:
Did you try to add certificate to Vista machine using Run --> Type: MMC --> Add/Remove snapin --> Add --> Certificate

K
0
 
ParanormasticCryptographic EngineerCommented:
Save the certificate to file - you can export it from IIS or from one of your xp boxes in Certificates MMC and open trusted root certificate store, or personal store depending where it got put.  Open up the cert - details tab - copy to file button - follow the wizard to save to file.

You can either deploy via GPO as a trusted root certifcate or you can copy it to the vista box and import it - assign manually - checkmark 'show physical stores' then select trusted root certification authorities store.
0
 
villartechAuthor Commented:
I have tried both recomendations - neither worked.
When I import the certificate into the trusted root certification authority store using the import wizard, it indicates that it was successfull.
I do not see the certificate listed, after the import though.
FYI - When I view the certificate after I get the error, it says "This certificate cannot be verified up to a trusted certification authority.
I have tried turning on SSL on the SBS 2003 server and I have tried importing the certificate in both the .cer and .pfx formats.
0
 
villartechAuthor Commented:
Thanks for your assitance
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.