Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

There is a problem with this website's security certificate on IE8 on 2008 server r2

Posted on 2010-09-03
9
Medium Priority
?
2,099 Views
Last Modified: 2012-05-10
I'm having issues with an internal site on IE8. I keep getting the 'There is a problem with this website's security certificate' message. Even when I import the cert, I still get the message.
My aim is to just bypass the warning. I know the site is fine, so the message is irrelevant.
I have tried importing in IE, I have tried importing in Cert manager for the local computer.
Neither worked. Besides the fact that it is IE, it is on a 2008 R2 terminal server. I don't know that this has any bearing on it.
Any tips to bypass the message?
0
Comment
Question by:lineonecorp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33597366
What does it state the problem is?

If the problem is that it doesn't trust the issuing authority then you need to make sure you add the issuing authority's (I assume some internal certificate issuer) to the Trusted Authorities for each computer. You can do this through group policy
0
 
LVL 8

Expert Comment

by:hunart
ID: 33597430
Do have have "Internet Explorer Enhanced Security Configuration" enabled on this server?
0
 

Author Comment

by:lineonecorp
ID: 33605498
I have added the authority to the trusted authorities on the computer
Also, IE enhanced Security config is disabled.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33605563
What's the exact message it gives as the problem?

"There is a problem with this website's security certificate"

Is a generic message if you open up the certificate it should give an error more specific such as problem tracing authority of certificate or certificate does not match name, etc. If you can get that it would be more helpful in solving your issue.
0
 

Author Comment

by:lineonecorp
ID: 33614000
The specific error(s) are:

'The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.'

I can see the date of the cert is 2006. But. It’s an internal site that I trust, so I am not concerned. I just want to disable/bypass the warning.

0
 
LVL 6

Expert Comment

by:Nuttycomputer
ID: 33614094
lineonecorp in this case we have two problems the certificate is expired and the certificate is for a different website. We see that the authority is trusted which we expect since that was already resolved earlier as you stated.

At this point if the website is entirely internal my recommendation is to try adding the website to the "Trusted Zones" section of IE8 and decrease the security of trusted zones.

However you may have better luck just issuing a new certificate (since it's internal there is no cost to do this) from your internal certificate authority or using regular http instead of https. If it's internal are you concerned about packet interception?
0
 

Author Comment

by:lineonecorp
ID: 33614225
I already tried adding to trusted sites-no joy.
The site was setup by a third party, so I could ask them to issue a new cert.
But surely there must be some way to just bypass it in ie8? I know it was simple to bypass the error in ie7 (just add to trusted cert isuers)
0
 
LVL 6

Accepted Solution

by:
Nuttycomputer earned 1200 total points
ID: 33615015
In both IE8 and IE7 you could bypass the error by adding to Trusted Certificate Authorities if the error was "This website’s security certificate is not from a trusted source"

Unfortunately with Expired Dates and URL not matching there isn't a way to get around it according to microsoft. See http://windows.microsoft.com/en-US/windows-vista/About-certificate-errors in particular check out the "I'm getting errors on websites I always visit, what should I do?" and "Can I turn off certificate checking?" sections.

However, there is a way to get past both errors but neither solution is recommended, ideal, and not worth mentioning but in an effort for completeness you COULD get past the Expiration date error by making sure the PC Clock falls within the valid dates as that is what it's checked against. Again, not a solution worth really considering.

As far as the URL Error you could get past this one by ensuring the URL the user has in browser matches the one in the certificate. Would require DNS Hacks and retraining of users so again not a solution really worth considering.

The Ideal and Recommended solution is to have a new certificate issued. If this website is purely internal and access is only going to be done by employees than the easy solution is to have a self signed certificate. (Also the cheapest)

As you stated this was setup by 3rd party ask them if they can just re-issue the certificate or check your web portal SSL Settings (Depending on who you host through you can sometimes generate self-signed certs there)
0
 

Author Comment

by:lineonecorp
ID: 33629345
Thanks for all the help.  
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question