JAaron Anderson
asked on
internet explorer 7 certificate error for Trusted Verisign Cert
I have a trusted Verisign cert but when people access the https webpage they still get the untrusted error prompt. How is this possible ?
I have also studied https://www.experts-exchange.com/questions/22084818/internet-explorer-7-certificate-errors.html but this is a self signed cert not a trusted CA as mine...
I have also studied https://www.experts-exchange.com/questions/22084818/internet-explorer-7-certificate-errors.html but this is a self signed cert not a trusted CA as mine...
ASKER
yes checked the date/time of the laptop its XP IE8 right date/time...
ASKER
its weird sometimes when the guy on his laptop at work it works and when hes on other networks it does not and prompts him... any ideas ?
ASKER
could it be the bit depth of the cert is conflicting with a browser experience of a lower or higher bit based computer ?
IE7 is 128bit, so I don't think the problem is there. The 32-bit / 64-bit computer architectures should not make any difference.
Check out Internet Options under Control Panel. Switch to the Advanced Tab & see if the following are checked--
Use SSL 3.0
Use TLS 1.0
See if the issue persists.
If no luck, open it again and hit the "Reset" button. This will reset it to system defaults and clear all clutter in IE disabling all Add-ons.
Now check.
Ravi.
IE-options.PNG
Check out Internet Options under Control Panel. Switch to the Advanced Tab & see if the following are checked--
Use SSL 3.0
Use TLS 1.0
See if the issue persists.
If no luck, open it again and hit the "Reset" button. This will reset it to system defaults and clear all clutter in IE disabling all Add-ons.
Now check.
Ravi.
IE-options.PNG
ASKER
I had the client who complained of the issue check these options and enable them and also download the latest optional CA digest from windows updates. so this wasnt it ... hmm what next?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok Ill try that
ASKER
Yeah we had been trying everything and we believe it is because we had a HOST Record for the Server Common Name which the cert is assigned for in our DNS Server and NOT a physical "A" Record entry.
although host records mimic the functionality of A and CNames, and typically perform their duties accordingly, they evidently get sticky and combative when dealing with certs if/when ONLY a hostrecord has entries in DNS.
In all, it was a good "hard-earned" learning thanks to Panaormatic & Rovastar for their provoking input to flush out what the solution was by process of elimination. :)
although host records mimic the functionality of A and CNames, and typically perform their duties accordingly, they evidently get sticky and combative when dealing with certs if/when ONLY a hostrecord has entries in DNS.
In all, it was a good "hard-earned" learning thanks to Panaormatic & Rovastar for their provoking input to flush out what the solution was by process of elimination. :)
Ravi.