There is a problem with this website's security certificate on IE8 on 2008 server r2

I'm having issues with an internal site on IE8. I keep getting the 'There is a problem with this website's security certificate' message. Even when I import the cert, I still get the message.
My aim is to just bypass the warning. I know the site is fine, so the message is irrelevant.
I have tried importing in IE, I have tried importing in Cert manager for the local computer.
Neither worked. Besides the fact that it is IE, it is on a 2008 R2 terminal server. I don't know that this has any bearing on it.
Any tips to bypass the message?
lineonecorpAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
NuttycomputerConnect With a Mentor Commented:
In both IE8 and IE7 you could bypass the error by adding to Trusted Certificate Authorities if the error was "This website’s security certificate is not from a trusted source"

Unfortunately with Expired Dates and URL not matching there isn't a way to get around it according to microsoft. See http://windows.microsoft.com/en-US/windows-vista/About-certificate-errors in particular check out the "I'm getting errors on websites I always visit, what should I do?" and "Can I turn off certificate checking?" sections.

However, there is a way to get past both errors but neither solution is recommended, ideal, and not worth mentioning but in an effort for completeness you COULD get past the Expiration date error by making sure the PC Clock falls within the valid dates as that is what it's checked against. Again, not a solution worth really considering.

As far as the URL Error you could get past this one by ensuring the URL the user has in browser matches the one in the certificate. Would require DNS Hacks and retraining of users so again not a solution really worth considering.

The Ideal and Recommended solution is to have a new certificate issued. If this website is purely internal and access is only going to be done by employees than the easy solution is to have a self signed certificate. (Also the cheapest)

As you stated this was setup by 3rd party ask them if they can just re-issue the certificate or check your web portal SSL Settings (Depending on who you host through you can sometimes generate self-signed certs there)
0
 
NuttycomputerCommented:
What does it state the problem is?

If the problem is that it doesn't trust the issuing authority then you need to make sure you add the issuing authority's (I assume some internal certificate issuer) to the Trusted Authorities for each computer. You can do this through group policy
0
 
hunartCommented:
Do have have "Internet Explorer Enhanced Security Configuration" enabled on this server?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
lineonecorpAuthor Commented:
I have added the authority to the trusted authorities on the computer
Also, IE enhanced Security config is disabled.
0
 
NuttycomputerCommented:
What's the exact message it gives as the problem?

"There is a problem with this website's security certificate"

Is a generic message if you open up the certificate it should give an error more specific such as problem tracing authority of certificate or certificate does not match name, etc. If you can get that it would be more helpful in solving your issue.
0
 
lineonecorpAuthor Commented:
The specific error(s) are:

'The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.'

I can see the date of the cert is 2006. But. It’s an internal site that I trust, so I am not concerned. I just want to disable/bypass the warning.

0
 
NuttycomputerCommented:
lineonecorp in this case we have two problems the certificate is expired and the certificate is for a different website. We see that the authority is trusted which we expect since that was already resolved earlier as you stated.

At this point if the website is entirely internal my recommendation is to try adding the website to the "Trusted Zones" section of IE8 and decrease the security of trusted zones.

However you may have better luck just issuing a new certificate (since it's internal there is no cost to do this) from your internal certificate authority or using regular http instead of https. If it's internal are you concerned about packet interception?
0
 
lineonecorpAuthor Commented:
I already tried adding to trusted sites-no joy.
The site was setup by a third party, so I could ask them to issue a new cert.
But surely there must be some way to just bypass it in ie8? I know it was simple to bypass the error in ie7 (just add to trusted cert isuers)
0
 
lineonecorpAuthor Commented:
Thanks for all the help.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.