Solved

There is a problem with this website's security certificate on IE8 on 2008 server r2

Posted on 2010-09-03
9
2,029 Views
Last Modified: 2012-05-10
I'm having issues with an internal site on IE8. I keep getting the 'There is a problem with this website's security certificate' message. Even when I import the cert, I still get the message.
My aim is to just bypass the warning. I know the site is fine, so the message is irrelevant.
I have tried importing in IE, I have tried importing in Cert manager for the local computer.
Neither worked. Besides the fact that it is IE, it is on a 2008 R2 terminal server. I don't know that this has any bearing on it.
Any tips to bypass the message?
0
Comment
Question by:lineonecorp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33597366
What does it state the problem is?

If the problem is that it doesn't trust the issuing authority then you need to make sure you add the issuing authority's (I assume some internal certificate issuer) to the Trusted Authorities for each computer. You can do this through group policy
0
 
LVL 8

Expert Comment

by:hunart
ID: 33597430
Do have have "Internet Explorer Enhanced Security Configuration" enabled on this server?
0
 

Author Comment

by:lineonecorp
ID: 33605498
I have added the authority to the trusted authorities on the computer
Also, IE enhanced Security config is disabled.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33605563
What's the exact message it gives as the problem?

"There is a problem with this website's security certificate"

Is a generic message if you open up the certificate it should give an error more specific such as problem tracing authority of certificate or certificate does not match name, etc. If you can get that it would be more helpful in solving your issue.
0
 

Author Comment

by:lineonecorp
ID: 33614000
The specific error(s) are:

'The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.'

I can see the date of the cert is 2006. But. It’s an internal site that I trust, so I am not concerned. I just want to disable/bypass the warning.

0
 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33614094
lineonecorp in this case we have two problems the certificate is expired and the certificate is for a different website. We see that the authority is trusted which we expect since that was already resolved earlier as you stated.

At this point if the website is entirely internal my recommendation is to try adding the website to the "Trusted Zones" section of IE8 and decrease the security of trusted zones.

However you may have better luck just issuing a new certificate (since it's internal there is no cost to do this) from your internal certificate authority or using regular http instead of https. If it's internal are you concerned about packet interception?
0
 

Author Comment

by:lineonecorp
ID: 33614225
I already tried adding to trusted sites-no joy.
The site was setup by a third party, so I could ask them to issue a new cert.
But surely there must be some way to just bypass it in ie8? I know it was simple to bypass the error in ie7 (just add to trusted cert isuers)
0
 
LVL 6

Accepted Solution

by:
Nuttycomputer earned 300 total points
ID: 33615015
In both IE8 and IE7 you could bypass the error by adding to Trusted Certificate Authorities if the error was "This website’s security certificate is not from a trusted source"

Unfortunately with Expired Dates and URL not matching there isn't a way to get around it according to microsoft. See http://windows.microsoft.com/en-US/windows-vista/About-certificate-errors in particular check out the "I'm getting errors on websites I always visit, what should I do?" and "Can I turn off certificate checking?" sections.

However, there is a way to get past both errors but neither solution is recommended, ideal, and not worth mentioning but in an effort for completeness you COULD get past the Expiration date error by making sure the PC Clock falls within the valid dates as that is what it's checked against. Again, not a solution worth really considering.

As far as the URL Error you could get past this one by ensuring the URL the user has in browser matches the one in the certificate. Would require DNS Hacks and retraining of users so again not a solution really worth considering.

The Ideal and Recommended solution is to have a new certificate issued. If this website is purely internal and access is only going to be done by employees than the easy solution is to have a self signed certificate. (Also the cheapest)

As you stated this was setup by 3rd party ask them if they can just re-issue the certificate or check your web portal SSL Settings (Depending on who you host through you can sometimes generate self-signed certs there)
0
 

Author Comment

by:lineonecorp
ID: 33629345
Thanks for all the help.  
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question