how to avoid certificate error page

Posted on 2011-05-09
Last Modified: 2012-06-27
I would like to know how to avoid certificate error page from internet explorer when trying to contact or webserver via https? even if i have to do it for each visitor our site, because we have limited users.
When I chose “continue to the website”, I get to the login page: when I click on the certificate error on the red box, and view certificate I find my company name on the details pane and  issuer section. is there a way to avoid this error even if I have to do it on each computer visiting my site.
Thanks for your help
Question by:alex-2010
    LVL 10

    Expert Comment

    Usually you get the error page if the certificate is either invalid or untrusted.
    Reasons for a certificate being invalid are (among others):
    - the name being certified is not the name used to access the site
    - the certificate is outdated

    For a certificate to be trusted the root certificate of the certificate chain must be trusted on the client.
    In order to do so you must either use a certificate which is enrolled by a publicly trusted CA or you must import the root-CA's ceritifcate to all clients that need access to the site.

    In order to dive deeper here please give more details about the error message your clients get.

    Author Comment

    thanks abbright
    i have imported the root-CA to one of my clients, it works find no error, but i have some concerns thou
    is it risky to import the root-CA to the client browser, or it is just kind of public key? if not, is it risky to send the root-CA file to the client so he can install it him self?
    also someone told me that to avoid the certificate error, use i.e tools, then security option, trusted sites, and then add the my site to it. I tried it , it did work!
    LVL 10

    Accepted Solution

    The root-CA's certificate to be imported is a public key so there is no risk in distributing it. It has the additional pro that all certificates issued by this CA are trusted afterwards, which might be what you want to do if you own the CA.
    Another option of course is to add the site to the trusted sites, but this has the additional effect that you reduce the security when accessing this site (scripts might be allowed without asking, etc...). If you own the site and know that it can be trusted this is an option as well.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    If you are on a Windows computer and decide to protect a file with sensitive data, you can encrypt the file, password protect it or rely on steganography (hiding a file in an image). This technique is especially useful because unless someone knows t…
    A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now