This question already has answers here:
What do I need to do to get Internet Explorer 8 to accept a self signed certificate?
(21 answers)
Closed 8 years ago.
I get the following error on a website when I try to load content in an iframe from another server in the intranet with a self signed certificate:
Content was blocked because it was not signed by a valid security
certificate.
I have tried this already:
What do I need to do to get Internet Explorer 8 to accept a self signed certificate?
But it looks it doesn't work for explorer 11.
Those settings should work. You need to check if the certificate being issued is towards localhost or the machine name of your development pc. Check your existing setup by replacing https://localhost/ with https://{your pc's full domain name}/
Related
I have a Synology NAS DiskStation DS2415+. When I bought it several years ago, I followed the setup instructions and created a self-stamped certificate which worked and even allowed me to remotely connect to my NAS via HTTPS.
Recently I changed some settings following the Synology's "Security Advisor" which is an automatic tool which scans all settings and recommend changes to secure it.
Following the recommendations of the said tool, I made some the reuqired changes, mostly in the Network Settings and Security Settings, but now I now can't use Quick Connect without getting a warning. In case any of you is familiar with this issue, I do hope there is a way to use HTTPS and not HTTP, either with a self stamp SSL or a purchased one. When I inquired about purchasing an SSL, I am told that it would be impossible to use an SSL without a dedicated domain for that SSL, but that's a side issue because originally my NAS worked and was remotely accessed via a self stamped certificate.
I managed to fix it by the following steps:
Creating a Self Stamped SSL (done in 2 steps)
1. Go to Control Panel -> Security -> Certificate -> CSR
Generate the CSR and download it. Use your user name as the Common name.
Go again to Certificate -> CSR and this time select Sign Certificate Signing Request. You will then be asked to select the .csr file from before, and as a result, the certificate will be downloaded.
Go to your browser and import this certificate. (Thanks #Matt Clark !)
In my case, only after going to Chrome -> Settings -> Advance and selecting Reset Settings to Default, it worked.
I can now connect to my NAS using QuickConnect and using HTTPS.
This question already has an answer here:
https lock and company name in address bar
(1 answer)
Closed 6 years ago.
I do have a website that has an SSL certificate installed when I visit the website I see the look icon like this :
But in some other websites I see the full company description right after the look icon like below :
So my question is : is there a special config that I need to do to my SSL certificate to be able to show my company name after the look icon?
Thanks.
These are two different types of SSL certificates
The first one is either a DV (domain-validated) or an OV (organization-validated). Only the EV (extensive validation) certificate results in the naming of entity being displayed in the browser.
EV certificates are generally more expensive (because of the more detailed validation process) and they requires more time to be issued.
It is worth to mention that, from an encryption point of view, all these 3 tyoes of certificates provide the same level of security.
I have a website on our Internal network that uses self signed certificate. After chrome update users started to see message about website being insecure.
Is there any way how the problem could be solved?
I suppose this is based on a recent change in Chrome (and also Firefox) which warns on certificates which are signed with the (insecure) MD5 algorithm (see https://code.google.com/p/chromium/issues/detail?id=101123) OR are signed with SHA1 and are valid for more than 2 years (from now).
Certificates should be at least signed by SHA1 or even better SHA256 (to avoid problems in the near future, see http://googleonlinesecurity.blogspot.de/2014/09/gradually-sunsetting-sha-1.html).
Solved by using local CA. Domain Server Certificate
I have a problem with a self-signed SSL certificate not being accepted on my Windows 7 box. I need this because the QuickBooks web connector will not address my CRM except over HTTPS, and the CRM is hosted on an intranet-only Linux server.
I followed the instructions here, and then used certmgr.msc to import the certificate on the client machine. The import appeared to be successful, and I can see the certificate in the "Trusted Root" store:
The problem is that it doesn't work; QBWC still reports it can't connect due to an authentication error, and my browser still rejects the certificate:
Could someone please give me an idea what I'm doing wrong? Thanks in advance!
The correct answer was propounded by #RickK - I had issued the certificate in my own name, instead of the domain of the server. The prompts in Apache make this rather confusing; it really looks like you're supposed to put your own name in the "Common Name" field, and the tutorial I followed seems to advise the same thing.
Anyway, I reissued the certificate, changing the CN field to "apps," and everything is working now. Thanks to #RickK and #pulkitsinghal for your helpful input. (And sorry for the delay in my response - this project got pushed to the back burner for awhile.)
I am using a Debian/Apache webserver with up-to-date software and a SSL certificate to encrypt the communication via HTTPS. In February the old certificate expired and I got me a new one (CA Geotrust via CA RapidSSL). Like the one before.
In Firefox (Chrome, ...) everything works fine. But after the old certificate finally expired after 2 weeks, Internet Explorer says the certificate has expired - leave the page? Appearently the old certificate is stuck in the browser cache and has not been updated since.
And the thing ain't done with clearing the browser cache. I actually had to reset the IE settings to make it reload the new certificate. As it works by now, I guess that the server delivers the correct certificate. But there are still other users who report the same problem - so it wasn't my browser alone.
My best guess is that something in the old cert or my cache suggestions told the IE to store the certificate for a long while. But I have no clue how to solve this - or even what to change so I don't have the same problem next year, again.
Thanks for any ideas!
BurninLeo
I had a similar problem. In fact it is IE under XP who don't support several HTTPS subdomaine on a single IP address.
http://nginx.org/en/docs/http/configuring_https_servers.html#sni
So if you have also several domains or subdomains in same IP you can't solve this on XP/IE you can just choose which certificat is used by XP/IE but it will be the same for all subdomaine.
PiR