Solved

Termianl Server 2003 IE8, all websites showing certificate errors

Posted on 2014-11-04
15
53 Views
Last Modified: 2016-03-09
Hello,

I have a Terminal Server 2003 using IE8.  All https sites that I go to show certificate errors.

Found a few articles on it,   The time is set correctly.  Nothing seems to be clearing up this error.  It is also affecting other programs (Winrater).

Not too sure where to go from here.

Larry
0
Comment
Question by:laltobelli
  • 7
  • 4
  • 4
15 Comments
 
LVL 24

Expert Comment

by:VB ITS
ID: 40423258
Are you 100% sure the time and date is set correctly?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40423327
I'm not having any problems with IE8 on XP.  Have you updated the Root Certificates on that machine?

Please give a link to a site that isn't working for you along with the error that you are seeing from it.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40423329
If you are in the US, the change from Daylight Savings to Standard time was 2:00 AM Sunday.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:laltobelli
ID: 40423750
Things are a bit stranger than I originally thought.

As I stated above the time, date, timezone and daylight savings time are all correct. 11/5/14, EST,etc.....

I have reset the security in IE8.

I ran Microsoft Fix it 51014 to sync the trusted root certificates.

All SSL websites show the error as well as some non-SSL websites such as www.yahoo.com

A bank website www.leominstercu.com is an example of an SSL site that shows the error.

It is not isolated to a user, all users logging into the terminal server see the error.

Other users logged into PCs on site do not see the error.

Larry
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40424866
Yahoo http://www.yahoo.com/ switches to SSL/TLS as soon as you connect to it.  I'm having no problem connecting to Yahoo with IE8.  Or with http://www.leominstercu.com/ which also will switch to 'https' when you try to connect to it.

If you can not connect to Any 'https' sites then it sounds like port 443 (which is used for 'https') may be blocked on the terminal server.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40424872
In another question today, secure connections were being blocked because Windows XP had not been upgraded to Service Pack 3.  I don't know what the service packs are for Windows 2003 but you might check that.  Also, many sites are Not connecting with SSLv3 because of a security problem last month.  Check your internet options and disable/uncheck SSL3.
0
 

Author Comment

by:laltobelli
ID: 40425165
Hi Dave,

I checked port 443 at www.whatsmyip.org and it is open.  

The server is completely up to date will all service packs (SP2), etc...

I tried it with SSL3 on and off, no difference.

One thing to note that this did happen over the weekend, which makes it look like the time change caused the issue.  But I know the time is correct and Windows update also works - which it would not if the time was off.

This is strange.

Larry
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40425198
Have you tried enabling TLS 1.0 in the same area where you enabled/disabled SSL 3.0?
0
 

Author Comment

by:laltobelli
ID: 40431692
Yes I tried it with TLS 1.0 enabled and disabled.  It did not change the cert error.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40431696
Can you please post a screenshot of the certificate error?
0
 

Author Comment

by:laltobelli
ID: 40439118
Here's a doc with a screen shot of what happens when I go to www.google.com and after I click continue.
cert-error.docx
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40439124
Looks like you may need to re-sync the Trusted Root CA list on your server. You can try using the For Windows Vista, Windows Server 2008 or Windows Server 2003 Fix it link on this Microsoft KB to address the issue: http://support.microsoft.com/kb/931125
0
 

Author Comment

by:laltobelli
ID: 40445994
Hi VB ITS,

Ran the Fix it from the link above, deleted temp files, still got the same results....

Thanks,

Larry
0
 

Accepted Solution

by:
laltobelli earned 0 total points
ID: 40926745
Updated the server and rebooted it.   Seems to have addressed the issue.
0
 

Author Closing Comment

by:laltobelli
ID: 41498615
No one else suggested updating the server and rebooting.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Know what services you can and cannot, should and should not combine on your server.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question