Announcement

Collapse
No announcement yet.

Access to site with SSL Certificate

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Access to site with SSL Certificate

    We are having issues with our SSL IIS certificate on our site and the ability of Safari browser users being able to access it.
    Our Web site is hosted on Windows 2008 server with IIS7.
    Our SSL certificate is issued by Network Solutions and tests successfully with an SSLchecker on the web.
    We have SOME Safari users that cannot connect to our site with the SSL Certificate enabled.
    Users are getting a "No certificate available" or a "Confirm Certifiate" message when users access from Safari.
    We do have some safari users for instance on an IPhone that can access ok from Safari version 6.0.4.
    Posts are suggesting to set the server to accept all certificates or to set OSCP and CRL to be disabled on the Mac OS.
    Our website is on IIS7 and Most Mac users are running OS 10.7.5 (Lion) Windows Safari users also have this issue.
    Does anyone have any insight to this? Any suggestions would be appresiated.

  • #2
    Re: Access to site with SSL Certificate

    Is your SSL cert commercially purchased? I'm assuming so, but it could be self-issued.

    Just the single certificate on the site, by itself, isn't enough. That certificate had to come from some source which both the web server and the client PC must trust (and it'll be in your Trusted Root Cert Store).

    On the web sever, run 'mmc', select the Certificates snap-in, open it for the server computer, then browse the stores to find the SSL cert. Double-click on that cert and the 3rd tab is what you want (Certification Path). The cert at the top of that chain has to be present on the client PC as well for the SSL process to work. Record the name/source/creation/expiration date of the top cert in the chain.

    So now check out the certs that are stored for the computer on any client where the SSL doesn't work. Look for the cert name that you recorded previously. If that trusted root authority cert isn't on the client, it won't work.
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment


    • #3
      Re: Access to site with SSL Certificate

      It is a SSL from a commercial provider, Network Solutions. I appresiate your taking time to post.

      Comment


      • #4
        Re: Access to site with SSL Certificate

        But do both the server and the client show the root cert from Network Solutions in the Trusted Root Cert store on the machines?
        *RicklesP*
        MSCA (2003/XP), Security+, CCNA

        ** Remember: credit where credit is due, and reputation points as appropriate **

        Comment

        Working...
        X