SSL checker internal

I have a website that is accessible only to my internal users. The website is showing as an untrusted certificate error when accessing from one particular 2012 server. This started as a result of the globalsign cert issue recently highlighted in the news.
Is there anything I can download which will tell me if its root issue or intermediate issue. thanks.
Who is Participating?
btanConnect With a Mentor Exec ConsultantCommented:
Thanks for sharing.
You can try globalsign checker which is using ssllabs if your website is reachable. May be good to have a staging with replicate (with dummy data) to verify the ssl otherwise suggest use the offline tools for checking.
btanExec ConsultantCommented:
May consider Certutil

A tool for administrators who manage the set of trusted root certificates in their enterprise environment. Administrators can view and select the set of trusted root certificates, export them to a serialized certificate store, and distribute them by using Group Policy.
E.g. CertUtil [Options] -syncWithWU DestinationDir

Check the certificate state against CA CRL or chain
E.g CertUtil [Options] -verify CRLFile CACertFile [IssuedCertFile]
CRLFile: CRL to verify
IssuedCertFile: optional issued certificate covered by CRLFile

Another tool is Openssl
If you have the server certificate chain saved in a file, you can provide it to the OpenSSL "verify" command using the "-untrusted" option as shown below:


OpenSSL> verify -untrusted twitter_chain.pem twitter.pem
twitter.pem: C = US, O = DigiCert Inc, OU =,
   CN = DigiCert SHA2 Extended Validation Server CA
error 20 at 1 depth lookup:unable to get local issuer certificate
error in verify

This tells us that the validation failed on locating the certificate of the issuer appeared on the intermediate CA certificate.
Sid_FAuthor Commented:
Anything a bit easier e.g install software point to site etc : )
Sid_FAuthor Commented:
I managed to resolve the issue and the globalsign issue is resolved by downloading the first cert Domain Validation CA - SHA256 - G2 on the page from here
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.