Solved

Detect ssl warning message

Posted on 2012-12-20
3
269 Views
Last Modified: 2012-12-31
I work for a company that ships data storage appliances with a GUI web application and several rest API services that the GUI web app talks to through SSL. Because each customer has a different domain, the SSL warning comes up in the browser. So the customer has to hit each rest API service first, click OK for the SSL warning, and only then will the entire application work. My question is if there is some way to facilitate this process where if the customer hits the front end web app first, we can detect that the warning is occurring with the rest API services and maybe bring up a separate window to allow the user to click OK for the warning.
0
Comment
Question by:opike
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38710052
What about installing a self signed certificate.   I think the warning will only come up once.
0
 

Author Comment

by:opike
ID: 38710165
We are already using a self-signed certificate and you're correct about the warning only coming up once (unless the browser data is cleared), but that is the situation I'm trying to more elegantly handle.
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 38710182
This is by design - its what the certs are *supposed* to do.

In order for no alert to come up, the cert must meet the following:

a) the name must be correct (i.e. what the user typed into the browser must be what the certificate contains)
b) the date range must be correct (i.e. the certificate must have a start time in the past and an end time in the future)
c) the certificate must be signed by a CA the browser trusts.

of the three, the latter is usually the hardest. Its easy for a server to self-generate and self-sign the certificate to meet a), and specifying "now until ten years from now" usually takes care of b), leaving only c) to deal with.  In a modern MS environment though, you can usually expect that there is a corporate CA available, so that means arranging for your appliance to request a certificate from such a CA rather than generating internally.  This should be part of setup - so after getting a dns name and ip, display a CSR and request it be signed, offering  - as the alternative - to import a pfx file and/or self-generate a cert.
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question