Security Alert - security certificate for this site is not available?

We have users that get this when they log in a PC and try to run their first credit card payment of the day. No matter which option you choose, it takes about 60 seconds to run the first transaction, after that it's OK. It's just a nuisance but a fix would be great.

revocation information
ParisAMAsked:
Who is Participating?
 
Rich WeisslerConnect With a Mentor Professional Troublemaker^h^h^h^h^hshooterCommented:
Yep.  That helps.  I went ahead and pointed myself at that website, and pulled up the certificate locally.  The CRL Distribution point in the certificate says it's:

http://EVIntl-crl.verisign.com/EVIntl2006.crl

I confirmed that I can get there.  Are there any network ACLs which prevent that user from being able to access the verisign server on port 80?  (You can see if you can hit that URL from that workstation...)
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Go ahead and view the certificate.  In the properties for the certificate should be a line for 'CRL' (Certificate Revocation List), which should have at least one (possibly more) methods of contacting the issuing CA to check to confirm that the certificate hasn't been revoked.  http or ldap URLs are frequently seen in that entry.  Determine why the workstation can't read from the CRL location, and fix that, and the Alert messages should go away.
0
 
ParisAMAuthor Commented:
If this helps - This happens when making a payment on our system that was created by our own programmers, could this be something they need to fix?

When I view the certificate details, here's what I see:

cert1cert2cert3
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
(If you wanted to find where I'm looking... on the 'details' tab, scroll down to the 'CRL Distribution Points' field.)
0
 
ParisAMAuthor Commented:
We can access that link with no problem....
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
*blink*  But... that's what the error means.  
Okay... what about if you try to access that machine first thing.. before any transactions are run from the computer?  Does it still work okay?  (Any chance it's actually a DNS problem, and the sixty seconds is the time it takes the system to try a second DNS server?)

Is it at all possible that the date on the computer being used for CC processing is wrong by something in terms of days or weeks, such that the CRL looks out of date?
0
 
ParisAMAuthor Commented:
Well, you pointed us in the right direction. I showed our programmer and she said that only certain machines (cash register machines) were OK, while other call takers processing payments were getting it. Something do with with accessing an AS400 server.

Thanks for the quick responses and help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.