Installing a certificate on a PC - ssl

I have an internal website in our company that uses HTTPS and the Server's certificate. The thing is since this certificate is self-signed, when anyone browse to that web site it gives a certificate warning. What I did on my PC I opened the site in IE and then clicked on the certificate error in the address bar and on the general tab clicked on Install certificate, selected Local Machine as the store location and placed it on the Trusted root certification authorities. Using a MMC I also verified that this certificate is installed successfully. But the issue is that the certificate warning is still there!

I was facing the same problem as you before, and i think it is impossible to remove properly the warning even if you use firefox, chrome or you own web browser based on Internet Explorer libs, your company must bye a certificate from companies like verisign. The only way i found to remove the warning message using IE is to trap the window wich warn you using WINAPI (getting window handle by the window title of the warning popup then find the handle of "OK" button and send a message to simulate a press on it)..

You can try adding this to trusted sites in IE. If you have group policy access it can be set for users also.
Open IE
Click Tools and select Internet Options
Click the Security Tab
Select Trusted Sites icon and set the Security level to Medium Low.
Add the site to Trusted Sites by clicking sites button.
Close all the Windows. Then open the browser.
See if that will work for you.

Related

Nothing happens when importing cert to keychain in Mac Mojave

I have a container running locally. My Apache server has a self signed certificate that I am trying to load to my Mac's keychain and I get no errors but the certificate just does not show up. I can open https://localhost on a Chrome browser and I can skip the warnings that the certificate is untrusted but I cannot use tools like Postman as the requests are blocked.
Any idea why this may be happening?
This is the steps I followed:
Opened https://localhost in Chrome. Clicked on the lock and dragged and dropped the cert to my desktop
Opened Key Chain and selected "System"
I went to File -> Import new items and selected the cert that I grabbed from the browser
No errors but the cert just does not show up on the list at all.
I am using Mac OS Mojave 10.14.6

Firefox not recognizing new ssl cert on local site

I created a new Drupal 8 site (latest version) on my Mac, using MAMP to test locally. I'd been using a self-signed SSL certificate, and yesterday purchased a Comodo PositiveSSL Multi-Domain (DV) cert. The site comes up fine in Safari and Chrome with the new cert, but Firefox (78.0.2) is still looking at the cold cert. I've tried clearing all caches, clearing the history cache, even rebooting; nothing seems to help. Is the old one being cached somewhere? Comodo said it should work and to ask Stack Exchange.
Found the solution when I asked Firefox support forum:
follow the step:
click the 3 horizontal line top right browser screen.
click Help and select restart with Add-ons Disable.
Goto Safe Mode
click the 3 horizontal line top right browser screen . click the new private window.
I did so and re-enabled extensions and restarted, perfect!

Microsoft Edge Keeps Prompting For Certificate

I have an application that uses certificates (*.p12) to authenticate users. I want to be able to use it in Microsoft Edge (version 42) and Internet Explorer (version 11), but these browsers give me issues.
Speaking specifically of Edge, I have added the certificates to the certificate store, and they are available for me to login. When I navigate to the website, I get prompted with a window that says "Select a Certificate" (as I expect) and I select the desired user's certificate from the prompts dropdown and click "OK".
This is where the issue occurs. After I select the certificate, the prompt immediately pops back up. The prompt can reappear between 2 and 10 times. It seems to be worse in Internet Explorer. Either way, the re-prompt impacts my ability to do a number of things with the website that I need to do.
Is this a common issue? Is there something that I ought to change in my browser settings in order to prevent it?
Thank you for any help.

Trust https://localhost:3000/ of MEAN stack in Chrome & Mac

I use Chrome in macOS Sierra 10.12.3. I guess I have already set up ssl for localhost long time ago. Now, both http://localhost/ and https://localhost/ in Chrome return the list of folders under localhost. I have created a nodejs app. So after typing npm start in a command line to run the server, we could open http://localhost:3000/#/home as frond-end in Chrome.
Now, for some reason, I need to make https://localhost:3000/#/home work in Chrome. At the moment, it gives This site can't be reached; localhost unexpectedly closed the connection error.
Does anyone know how to amend this? Should I set up something in mac or in the code of my app?
Edit 1: I have found this page: SSL/HTTPS server with Node.js and Express.js. So I generated the files and modified the node code. Now loading https://localhost:3000/#/posts/editor/ displays the page, but I want to remove the annoying Not Secure warning.
As the above screenshot shows, I was able to view its certificate (though there is an error ERR_CERT_COMMON_NAME_INVALID). I copied the certificate to the desktop and dragged it to login of the Keychain Access tool and modified its setting to Always Trust. I restarted Chrome, reloaded the page, but the Not Secure warning is still there.
Could anyone help?
There are actually lots of threads about this issue, which are quite confusing. I write the way that works for me.
I have finally followed this page to generate the files http://blog.mgechev.com/2014/02/19/create-https-tls-ssl-application-with-express-nodejs/. Note that I set localhost as Common Name (not sure if it's really mandatory).
In www of my MEAN project
var fs = require("fs");
var config = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
};
var server = https.createServer(config, app).listen(3000);
In Chrome, I open https://localhost:3000/#/new, then I go to the Security tab of Dev Tools to view its certificate. Then drag the certificate to the desktop.
Double-click the certificate on the desktop, which opens Keychain Access. Make sure the certificate is in login (not necessarily system). If it's not, then drag the certificate in login.
Change everything to Always Trust
(maybe restart Chrome), after npm start the application, enjoy surfing https://localhost/#/new with Green Secure Light.
Are you sure you setup a Certificate Authority? Perhaps you only setup https in your code but forgot to setup a local Certificate Authority for your app to validate a certificate with. If this is the case please reference: http://www.techrepublic.com/blog/apple-in-the-enterprise/create-your-own-ssl-ca-with-the-os-x-keychain/

Internet Explorer 11

I am getting below error when trying to open another https site (with self signed certificate) in IE11.
"Content was blocked because it was not signed by a valid security
certificate. For more information, see “About Certificate Errors” in
Internet Explorer Help."
When using IE9 or IE8, we used to get the same error along with a pop-up message "Show Content" clicking on which will display the content. But IE 11 is not displaying "Show Content" option.
Can you please help in enabling that option for IE11? I researched in SO and lot of other places. The option given was to install the certificate. Is there a way to enable "Show Content" option without going through certificate installation path?
No, you cannot. There is no way to get rid of it without installing the certificate.