We help IT Professionals succeed at work.

Browser error "Malformed certificate"  = Google Chrome (v36) and IE (v8) - with a root CA SHA256

ccfcfc
ccfcfc asked
on
3,663 Views
Last Modified: 2014-08-08
Using Google and IE to connect to a URL we get an error :-
The certificate that Chrome received during this connection attempt is not formatted correctly, so Chrome cannot use it to protect your information.
Error type: Malformed certificate
Subject: mycert.testing.com
Issuer: GlobalSign Organization Validation CA - SHA256 - G2

The server is running WIndows 2003 server and the version of browsers as stated above. So on a development 2003 server I ran Windows updates and re-tried and the issue was resolved. I need to fix the issue on live 2003 servers but I do not want to run the complete Windows Update in case it breaks many other functions.
I am assuming there was an upgrade to support  new hashing algorithm SHA256 ?
Appreciate if anyone can shed light on this and more specific on what needs updating.

Thanks
Comment
Watch Question

Dave BaldwinFixer of Problems
CERTIFIED EXPERT
Most Valuable Expert 2014

Commented:
Look for the Root Certificate Updates and see if that fixes your problem.

Author

Commented:
I am still struggling to find anything that fixes the issue. There seems to be a common theme with the SHA256 in the certs needed within Windows 2003. I fixed the issue by running Windows updates on the 2003 server but this tkes over 4 hours and there are many. My other issue being, this is a live server running apps and web sites and it woudl break other apps and be down for 4 hours.
SO I am not ure what Root Certificate as part of the update is required. I woudl be grateful if you know what update is required.
I found this link http://support.microsoft.com/kb/968730
But when I download it and attempt to run it, it says " but is for a machine other than the current machine" so does not run .
Fixer of Problems
CERTIFIED EXPERT
Most Valuable Expert 2014
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
YEs I found that one and applied it made no difference. I even got the new RootCA Intermediate CA and imported into the Server Certificate MMC made no difference. I have been sent a knowledge base KB968730  

Applied it , re-booted and it seemed to have fixed my problem. I am going to have to do some more testing on other server

Author

Commented:
Yes it seems to have solved the problem
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.