Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to access secure site using IE 1

Status
Not open for further replies.
jamkitts

jamkitts

Technical User
Joined
Aug 20, 2001
Messages
2
Location
US
Unable to access a secure site with IE but it works with Netscape
 
Sort by date Sort by votes
A" secure site, or secure sites in general?

The most obvious fix for this behavior is to ensure that the time and date are correct on the pc in question.

Tired of waiting for an answer? Try asking better questions. See: faq222-2244
 
Upvote 0 Downvote
what CA did it come from (verisign, UNIX CA, Solaris, etc.)

You are missing the required attributes for Windows...namely, enhanced key usage, certificate template name if possible, ...couple more too

Would haev been opposite had you made the cert on a MS CA to use in netscape...you would've found it working in IE but not in netscape....

netscape (and netscape CAs) uses different certificate attributes than IE...

you must add the required attributes into the cert request....if you can paste your .inf file (blank out the subject and any subject alternative names for your own security).....I'll take a look and adjust it...then you can use certreq to create a new request for submitting to the CA

You will need a new cert though....either a remake of this one if possible (get it in place of this one), or a new cert altogether...your gonna need those attributes

-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
 
Upvote 0 Downvote
Check your chipher strength. In IE click help and about and see if it is 128. If not you need to install the hight encyption pack for IE from MS or just run all your windows updates.
 
Upvote 0 Downvote
if you are missing enhanced key usage, basic constraints, or any number of other attributes that are NOT given in a cert from a netscape CA (UNIX, Solaris, etc.) unless specifically requested (not to mention the CA must be configured to allow the extensions)anyways, netscape certs come out with attributes like netscape cert type vs. MS's certificate template; netscape certificate use vs. MS's enhanced key usage, etc.

high encryption pack is what, 3 yrs old or so.....if thats not on then the machine probably hasnt ran in that long

the most common item seen is when a cert was requested from a netscape based CA and will not work in IE, or, a cefrt requested from a MS CA will not work in netscape...both are extremely common

if you have you inf I'll fix it for you, as I beleive I mentioend earlier....or at least health check it to be sure all windows requierd attributes are present and correct...

-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
 
Upvote 0 Downvote
The problem was being caused by "System Cryptography: services.

The specific service was to do with FIPS compliant algorithms for encryption.

Disabling the service solved the problem.

Thanks for everyones input and assistance!

jamkitts
 
Upvote 0 Downvote
coolio glad to hear it...

-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cfsjohn
  • Locked
  • Question Question
How do hackers use a public port to gain access to my server
Replies
6
Views
1K
DrB0b
DrB0b
M
  • Locked
  • Question Question
How to Recover MS SQL Server Password Manually?
Replies
1
Views
626
moinkhan7186
M
V
  • Locked
  • Question Question
IP office Hunt group to voicemail
Replies
0
Views
1K
vandaliahealth
V
K
  • Locked
  • Question Question
PABX SL1000 to add Ext Operator
Replies
0
Views
1K
kennychin
K
idahomitel
  • Locked
  • Question Question
SX 200 cfna to operator
Replies
0
Views
903
idahomitel
idahomitel

Part and Inventory Search

Sponsor

Back
Top