• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2317
  • Last Modified:

There is a problem with this website's security certificate on IE8 on 2008 server r2

I'm having issues with an internal site on IE8. I keep getting the 'There is a problem with this website's security certificate' message. Even when I import the cert, I still get the message.
My aim is to just bypass the warning. I know the site is fine, so the message is irrelevant.
I have tried importing in IE, I have tried importing in Cert manager for the local computer.
Neither worked. Besides the fact that it is IE, it is on a 2008 R2 terminal server. I don't know that this has any bearing on it.
Any tips to bypass the message?
0
lineonecorp
Asked:
lineonecorp
  • 4
  • 4
1 Solution
 
NuttycomputerCommented:
What does it state the problem is?

If the problem is that it doesn't trust the issuing authority then you need to make sure you add the issuing authority's (I assume some internal certificate issuer) to the Trusted Authorities for each computer. You can do this through group policy
0
 
hunartCommented:
Do have have "Internet Explorer Enhanced Security Configuration" enabled on this server?
0
 
lineonecorpAuthor Commented:
I have added the authority to the trusted authorities on the computer
Also, IE enhanced Security config is disabled.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
NuttycomputerCommented:
What's the exact message it gives as the problem?

"There is a problem with this website's security certificate"

Is a generic message if you open up the certificate it should give an error more specific such as problem tracing authority of certificate or certificate does not match name, etc. If you can get that it would be more helpful in solving your issue.
0
 
lineonecorpAuthor Commented:
The specific error(s) are:

'The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.'

I can see the date of the cert is 2006. But. It’s an internal site that I trust, so I am not concerned. I just want to disable/bypass the warning.

0
 
NuttycomputerCommented:
lineonecorp in this case we have two problems the certificate is expired and the certificate is for a different website. We see that the authority is trusted which we expect since that was already resolved earlier as you stated.

At this point if the website is entirely internal my recommendation is to try adding the website to the "Trusted Zones" section of IE8 and decrease the security of trusted zones.

However you may have better luck just issuing a new certificate (since it's internal there is no cost to do this) from your internal certificate authority or using regular http instead of https. If it's internal are you concerned about packet interception?
0
 
lineonecorpAuthor Commented:
I already tried adding to trusted sites-no joy.
The site was setup by a third party, so I could ask them to issue a new cert.
But surely there must be some way to just bypass it in ie8? I know it was simple to bypass the error in ie7 (just add to trusted cert isuers)
0
 
NuttycomputerCommented:
In both IE8 and IE7 you could bypass the error by adding to Trusted Certificate Authorities if the error was "This website’s security certificate is not from a trusted source"

Unfortunately with Expired Dates and URL not matching there isn't a way to get around it according to microsoft. See http://windows.microsoft.com/en-US/windows-vista/About-certificate-errors in particular check out the "I'm getting errors on websites I always visit, what should I do?" and "Can I turn off certificate checking?" sections.

However, there is a way to get past both errors but neither solution is recommended, ideal, and not worth mentioning but in an effort for completeness you COULD get past the Expiration date error by making sure the PC Clock falls within the valid dates as that is what it's checked against. Again, not a solution worth really considering.

As far as the URL Error you could get past this one by ensuring the URL the user has in browser matches the one in the certificate. Would require DNS Hacks and retraining of users so again not a solution really worth considering.

The Ideal and Recommended solution is to have a new certificate issued. If this website is purely internal and access is only going to be done by employees than the easy solution is to have a self signed certificate. (Also the cheapest)

As you stated this was setup by 3rd party ask them if they can just re-issue the certificate or check your web portal SSL Settings (Depending on who you host through you can sometimes generate self-signed certs there)
0
 
lineonecorpAuthor Commented:
Thanks for all the help.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now