Solved

Termianl Server 2003 IE8, all websites showing certificate errors

Posted on 2014-11-04
15
57 Views
Last Modified: 2016-03-09
Hello,

I have a Terminal Server 2003 using IE8.  All https sites that I go to show certificate errors.

Found a few articles on it,   The time is set correctly.  Nothing seems to be clearing up this error.  It is also affecting other programs (Winrater).

Not too sure where to go from here.

Larry
0
Comment
Question by:laltobelli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 4
15 Comments
 
LVL 24

Expert Comment

by:VB ITS
ID: 40423258
Are you 100% sure the time and date is set correctly?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40423327
I'm not having any problems with IE8 on XP.  Have you updated the Root Certificates on that machine?

Please give a link to a site that isn't working for you along with the error that you are seeing from it.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40423329
If you are in the US, the change from Daylight Savings to Standard time was 2:00 AM Sunday.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:laltobelli
ID: 40423750
Things are a bit stranger than I originally thought.

As I stated above the time, date, timezone and daylight savings time are all correct. 11/5/14, EST,etc.....

I have reset the security in IE8.

I ran Microsoft Fix it 51014 to sync the trusted root certificates.

All SSL websites show the error as well as some non-SSL websites such as www.yahoo.com

A bank website www.leominstercu.com is an example of an SSL site that shows the error.

It is not isolated to a user, all users logging into the terminal server see the error.

Other users logged into PCs on site do not see the error.

Larry
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40424866
Yahoo http://www.yahoo.com/ switches to SSL/TLS as soon as you connect to it.  I'm having no problem connecting to Yahoo with IE8.  Or with http://www.leominstercu.com/ which also will switch to 'https' when you try to connect to it.

If you can not connect to Any 'https' sites then it sounds like port 443 (which is used for 'https') may be blocked on the terminal server.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40424872
In another question today, secure connections were being blocked because Windows XP had not been upgraded to Service Pack 3.  I don't know what the service packs are for Windows 2003 but you might check that.  Also, many sites are Not connecting with SSLv3 because of a security problem last month.  Check your internet options and disable/uncheck SSL3.
0
 

Author Comment

by:laltobelli
ID: 40425165
Hi Dave,

I checked port 443 at www.whatsmyip.org and it is open.  

The server is completely up to date will all service packs (SP2), etc...

I tried it with SSL3 on and off, no difference.

One thing to note that this did happen over the weekend, which makes it look like the time change caused the issue.  But I know the time is correct and Windows update also works - which it would not if the time was off.

This is strange.

Larry
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40425198
Have you tried enabling TLS 1.0 in the same area where you enabled/disabled SSL 3.0?
0
 

Author Comment

by:laltobelli
ID: 40431692
Yes I tried it with TLS 1.0 enabled and disabled.  It did not change the cert error.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40431696
Can you please post a screenshot of the certificate error?
0
 

Author Comment

by:laltobelli
ID: 40439118
Here's a doc with a screen shot of what happens when I go to www.google.com and after I click continue.
cert-error.docx
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40439124
Looks like you may need to re-sync the Trusted Root CA list on your server. You can try using the For Windows Vista, Windows Server 2008 or Windows Server 2003 Fix it link on this Microsoft KB to address the issue: http://support.microsoft.com/kb/931125
0
 

Author Comment

by:laltobelli
ID: 40445994
Hi VB ITS,

Ran the Fix it from the link above, deleted temp files, still got the same results....

Thanks,

Larry
0
 

Accepted Solution

by:
laltobelli earned 0 total points
ID: 40926745
Updated the server and rebooted it.   Seems to have addressed the issue.
0
 

Author Closing Comment

by:laltobelli
ID: 41498615
No one else suggested updating the server and rebooting.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question