browser certificate warning https - advice?

I have a couple of related questions -

The situation: I have a link on my webserver accessible only through https.
However, on trying to connect I get the error (attached).


* Is it correct that this is something I can ignore (users can always just add an exception on the browser and enter the page as normal)?

* Are there situations where somebody cannot add an exception (e.g. this feature can be blocked by admin or organisation etc.)?

* Is the only way to avoid this error to get and install on the server a certificate from a trusted authority that is already distributed with the browser (or allow access with http)?

* Does connecting to my server through https like this improve security even though the server cannot be verified? (My understanding is https does 2 things: (a) stop eavesdropping on data exchange, (b) verify you are talking to a legitimate server.)

I know it looks like a lot of text, but it's quick and easy questions for somebody who knows this, I'm sure.

Cheers!
weaverk Asked:

Dave Baldwin (Fixer of Problems) Commented:
If it is a public site, most users will Not add an exception and will leave your site.  In organizations where security is a concern, it could possibly be cause for termination to allow exceptions.  If you are in business, you should buy an acceptable certificate that can be verified.  A self-signed certificate will encrypt if it is accepted but it will not be accepted as identifying a legitimate server.  At the highest levels of certificates, you actually have to 'prove' that you are who you say you are.  That's not so true at the lower levels.

Dave Howe (Software and Hardware Engineer) Commented:
As DaveBaldwin says, if you see such an error on a site you will be using for financial transactions or any other "security sensitive" data, you should leave immediately.  By implication therefore, most of the more security-savvy people who see it will not then go on to complete whatever transaction you directed them to the site for!

If however the error is for your own users, it indicates you should push out your CA cert to them using Group Policy in order for them to trust it. There is no need to waste the money on a commercial cert if you control the end-nodes accessing it :)

weaverk (Author) Commented:
Between these two answers I know everything I needed to.
Many thanks to you both!

Question has a verified solution.
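
The trust decision discussed in the answers above, as an added example that is not part of the original thread: it builds a self-signed server certificate and a private CA, then shows which combinations a client accepts. It assumes the `openssl` CLI (1.1.0 or later); all names, including `Example Internal CA` and `intranet.example.test`, are constructed.

```shell
#!/usr/bin/env bash
# Added example. Every name here (CAs, host name, file names) is constructed.
set -eu
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT
HOST=intranet.example.test

cat > "$W/pki.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder-overridden-by-subj
[v3_ca]
basicConstraints = critical,CA:TRUE
[v3_srv]
basicConstraints = CA:FALSE
subjectAltName = DNS:$HOST
EOF

# new_selfsigned <basename> <CN> <extension section>: key plus self-signed certificate
new_selfsigned() {
  openssl req -x509 -config "$W/pki.cnf" -extensions "$3" -subj "/CN=$2" \
    -newkey rsa:2048 -nodes -days 30 -keyout "$W/$1.key" -out "$W/$1.crt" 2>/dev/null
}

# issue_server <basename> <ca basename>: certificate for $HOST signed by that CA
issue_server() {
  openssl req -new -config "$W/pki.cnf" -subj "/CN=$HOST" -newkey rsa:2048 -nodes \
    -keyout "$W/$1.key" -out "$W/$1.csr" 2>/dev/null
  openssl x509 -req -in "$W/$1.csr" -CA "$W/$2.crt" -CAkey "$W/$2.key" -CAcreateserial \
    -days 30 -extfile "$W/pki.cnf" -extensions v3_srv -out "$W/$1.crt" 2>/dev/null
}

# client_verdict <trust anchor basename> <cert basename>: decision of a client whose
# only trust anchor is that CA when the certificate is presented for $HOST
client_verdict() {
  if openssl verify -no-CAfile -no-CApath -CAfile "$W/$1.crt" \
       -verify_hostname "$HOST" "$W/$2.crt" >/dev/null 2>&1
  then echo trusted; else echo warning; fi
}

new_selfsigned browser_ca  "Constructed Public CA" v3_ca  # stands in for the browser's built-in store
new_selfsigned internal_ca "Example Internal CA"   v3_ca  # the CA cert pushed out via Group Policy
new_selfsigned selfsigned  "$HOST"                 v3_srv # self-signed server certificate
issue_server   intranet    internal_ca                    # server certificate from the internal CA
echo "self-signed cert, stock trust store  : $(client_verdict browser_ca selfsigned)"
echo "internal-CA cert, stock trust store  : $(client_verdict browser_ca intranet)"
echo "internal-CA cert, CA pushed to client: $(client_verdict internal_ca intranet)"
```

The traffic is encrypted in all three cases; only the third gives the client a verified server identity, and only on machines that have received the CA certificate.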
