Over 1 million tech questions and answers.

IE 8 security certificates- server down?

Q: IE 8 security certificates- server down?

I'm trying to get into paypal but IE AND Firefox are telling me that the security certificate is invalid. Is the certificate server down or is there something wrong in my interent settings?

Preferred Solution: IE 8 security certificates- server down?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: IE 8 security certificates- server down?

Is your date (including the year) and time correct? This was the problem on another computer; the date and time invalidated the certificate.

Read other 3 answers


The previous VeriSign 128-bit International (Global) Server Intermediate certification authority certificate expired on January 7, 2004. This may cause problems for clients that try to establish server-authenticated secure socket layer (SSL) connections with Web servers and other SSL/Transport Layer Security (TLS)-enabled applications that do not have up-to-date certificates.

To prevent these problems, Microsoft Internet Information Services (IIS) operators should contact VeriSign to update the intermediate certification authority certificates for servers that use 128-bit SSL to connect to Web sites with the Secure Hypertext Transfer Protocol.
Affected software

Microsoft Internet Information Server
Microsoft Internet Security and Acceleration Server
Microsoft Exchange
Microsoft SQL Server



Read other answers

Hi All,
I will be deploying ATA 1.6 in our dev environment in the coming weeka and just needing a bit of help clearing up some detail with the "how-to" aspect of certificate generation. The environment I will be installing into is AD based with it's own
CA, so I won't be looking to use the self signed certs (unless someone can give me a good reason otherwise) and am wanting to get the certs provisioned from our own internal CA.
1. IIS certificate is easy, no problems here as I've done quite a few.
2. The Server Authentication template does not seem to be enabled within our environment, so I cannot use the Advanced Certificate Request form from the web portal as I can for the IIS CSR. I looked at generating a Server Authentication Certificate from
the certificates MMC, however I am getting lost under the Certificate Enrollement Policy page as policies configured by my administrator do not include a Server Authentication type.
I am getting the feeling I am going to need to either (a) get the Server Authentication template enabled or (b) generate a certificate template to facilitate this request. In either case I will need detail on what exactly is needed and why to get anything
like this approved. Can anyone help with more detailed/specific instructions on what needs to be done to generate the certificate here?
I guess the other option would be to use our internal CA for the IIS cert (trusted by all in the domain) and then use self signed for the ATA Center... Read more

Read other answers

Hey all, as most I know a lot about some aspects of computers and there's a lot of stuff I don't know as well.
Server certificate issues have been coming up the past couple of years and wanted to learn more about them; like how to be able to discern bogus certs, how to write certs, how to over come cert errors when trying to send mail, etc etc
I'm looking for a 'for Dummies' like book focused soley on certs (or covers certs thoroughly); I really don't want an expensive phone book covering the entire Windows OS or Servers in general.
Anyone have any suggestions?

A:Beginner's Book for Server Certificates?

Server CertificatesCertificates for dummiesBeginner's Guide to SSL Certificates - Symantec

Read other 2 answers

I've got a Server 2003 box running a fully working Certificate Authority on about 20 windows machines.. How do I use this CA request properly with a Mac?

I just want it to authenticate via Wireless using Internet Authentication using a RADIUS server via wireless router.

thanks, is this possible?

A:Server 2003 Certificates, do they work with Other OS'es?

No, they do not. Working with a Mac is described in detail with the software guidance instructions and Facs.

Read other 2 answers

My company has a client that's running Windows Server 2003 in his office. For legal reasons, we can't support his server for him, only the application that we installed on his server. Server maintenance has to come from his 3rd party people. I'm just curious though.

This application of ours connects to a secure site that our company maintains. Every couple weeks, the application stops logging in to our website and he calls us to get it fixed. We Webex to his server and always see the same error. We found that if we open up IE and enter the web address in the address bar, we get a prompt for the certificate. Our application doesn't have the ability to answer this "Yes", "No", "View Certificate" prompt. So we go through the process of installing the certificate. After that, the app works flawlessly for a couple weeks before he calls us again. It's stopped logging in. After we browse to the site and install the certificate again, everything's fine. He's nice but he's tired of having to call us everytime this expires.

He's the only client out of about 1900 that has this problem. He's also the only one AFAIK that's running our app on Server 2003. I've seen Server 2003 but only have about a week's training experience with it. What kind of settings can I have this guy's support team look for on the system to keep this certificate from disappearing every couple weeks? No one uses t... Read more

Read other answers


I believe my computer has been infected. Starting today, I began receiving messages from my browser (Chrome) stating that "The site's security certificate is signed using a weak signature algorithm!" I tried to navigate to the same sites using Firefox but did not receive this warning. I am however being redirected to obviously troublesome websites. MyWOT is also popping up on nearly all of these redirects. Please advise.

A:Suspected Infection: Bad Server Certificates and Redirects

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwar... Read more

Read other 4 answers


Some questions/issues about security certificates when using IE 6 on Windows 98:

1. Are all certificates viewable? I went to a site that had some personal information of mine (my old University) and clicked on the Certificate icon in the lower-right hand corner? I could see that my ISP was active but my machine locked up when clicking on the locked icon. (The reason why I did this was because on older versions of I.E and Netscape you could find out the type of certificate it was, the expiration date and other security information.) I recall that I.E would tell you the level of security based on your settings but I couldn't get to it in I.E 6

2. When I signed in to Amazon.com and click on the SSL icon lock, it says...."This type of document does not have a security certificate" (even though the lock is there)

Can web designers prevent certificates from being viewed? Is this an issue with I.E 6, the design of a site, (There are added security features with I.E 6) or a conflict with I.E 6 and Windows 98? How can you be sure a security certificate is still good?

Does anyone know what is supposed to happen when you click on the SSL encyription lock in I.E 6?


Read other answers

Computer is running Windows 7 Ultimate w/ IE8 and Office 2007 Ultimate.

I check my work email from home by logging onto my employers webmail. In IE8 I type in the https//:somesite.com URL to logon to the Exchange Server, which takes me to a page saying "There is a problem with this website's security certificate" and "We recommend that you close this webpage and do not continue to this website."

I click to continue anyway, then on the next page logon to my employers domain. So far good, I get to my Outlook Webaccess page in IE8.

Now when I click to open any email item I get the "There is a problem with this website's security certificate" and "We recommend that you close this webpage and do not continue to this website." It does this for each email I open.

So I click to continue anyway. If the email contains an attachment that is saved in the new Word 2007 format (DOCX), it gets worse. IE8 wants me to save the file to my hard drive first. When I attempt to save it, Windows thinks the file extension is ZIP.

If I save it as a ZIP (no choice) and extract the files, I get garbage folders and XML files, and the DOCX file is nowhere to be found. I don't have this problem if the file extension is anything else (pdf, xls, doc, etc are all ok).

Microsoft Help says there is no way to turn off the certificate checking in IE8. Is that true? Or they just don't want us to know how?

Read other answers

I am trying out a remote control program called Remotely Anywhere and it is working well to connect two computers, except for the SSL security. I set up a certificate on each machine (I think), yet I still get the error message before the browser page opens up that says "There is a problem with this website's security certificate".
Does anybody know what I have to do to fix this? or is this not a concern?
BTW - in the program, there is a utility to create your own certificates and I have done that, in fact, I think I may have created a few on each machine, because it lists 3 on one machine and 4 on the other. Do I need to delete these some way? maybe in the registry?

A:SSL and security certificates


Read other 1 answers

I have an old computer that has not been connected to the Internet for many years because it only had a dial-up modem installed in it. I finally installed a network adapter (installing all service packs first), and now it thinks every security certificate is bad. The security certificate list in Internet Explorer only shows certificates that expired years ago. The only recent certificates are the ones that were placed in the untrusted list by Windows updates. Is there anything I can do? This computer runs Windows XP Professional SP3.

A:All security certificates are bad

Try this link first http://www.lockergnome.com/windows/2005/04/06/how-do-i-fix-invalid-or-expired-security-certificate-errors/

Read other 6 answers

I am trying to replace the auto generated self-signed (Issued to DM, issued by DM) certificates for the HDPM Server and Master Repository.  I am NOT refereeing to FTPS, the HPDM Embedded HTTPS Server, or the Thin Client Agent certs.   I have already setup certs from our own domain internal CA for FTPS in IIS and the Apache Embedded HTTPS server.  These are working fine and Repository tests pass for both protocols.  I have also issues to the Thin Clients from our internal CA just fine. I'm interested in the actual HPDM Server cert and Master repository cert. These are self-generated when the two services start up.  They use a very weak MD5 hash and RSA 1024 key.  I cannot find any documentation around this except for troubleshooting in which you can delete these certs restart the services and they will be regenerated.   Here are the certs\key paths%HPDM Install Path%\MasterRepositoryController\Controller.crt (Repository Cert)%HPDM Install Path%\MasterRepositoryController\Controller.key (Repository Key)%HPDM Install Path%\MasterRepositoryController\Client.crt (HPDM Server Cert)%HPDM Install Path%\Server\Bin\hpdmskey.keystore (Both HPDM Server and Repository Certs and Keys)(Not sure the format it is in.  It's not PEM and ok P12 as far as I can tell) There is also %HPDM Install Path%\Server\bin\hpdmcert.key.  Not sure what this is.  Think it?s the HPDM Server key but deleting it does nothing and it is ne... Read more

Read other answers

Hey folks

i just got my PC up and running (vista 64) and every old web page i try to open the page invalid security certificate appears

then gives me 3 options

then i open the not recommended one, and the webpage appears in different font
how do i get back to normal
norton 360 security used


A:Website security certificates ?

The page appears

'There is a problem with the websites security certificate'
The security certificate presented by the website has expired or not yet valid



Read other 6 answers

Whenever I go to access my NAS I get a security certificate error. I used to get this in IE 9 but I just added the certificate and problem solved. I cannot seem to do the same in IE 10 am I missing something?

Read other answers

Hello All,

Having an interesting problem with my wife's laptop. Everytime you go to any site, it says that the security certificate is not valid. I have ran spybot search and destroy and ccleaner and found nothing major. I think it is a browser hijacker but not sure since I don't get any popups or other strange behavior. Should I run hijack this?

Not a complete computer illiterate but those logs can be confusing

Anyway, thanks in advance and hope I can contribute to this forum!!


Read other answers

Hi, hope someone can help. Everytime I try to log into websites that used to be secure (green URL bar), they are now coming up with yellow triangle over grey padlock which says it cannot be verified if the certificate is valid. I'm using windows vista and google chrome. Never had this issue before and can't find any answer to it. Thanks thanks thanks.

A:site security certificates

Make sure your computer has the correct date and time.

Read other 3 answers


Since this morning I've been having some quite weird issues. Firefox (both 26.0a1 and 23) spits an "Invalid Certificate" error at me for anything https. Some of the affected pages are loading slower than normal and Facebook, for example, is showing just plain text. All of this could point to the presence of a hidden proxy, which could be screwing up something, or whatever. I have Bitdefender installed, scanned today and it found what, 7 tracking cookies (big deal). MBAM is scanning atm. Will update with the results.

EDIT: Here are the logs: (first one was express, second one was full scan)

Malwarebytes Anti-Malware
Malwarebytes : Free anti-malware download

Vers?o da Base de Dados: v2013.09.15.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Felipe :: FELIPE-PC [administrador]

9/15/2013 3:28:31 PM
mbam-log-2013-09-15 (15-28-31).txt

Tipo de Verifica?o: Verifica?o R?pida
Op?es de verifica?es ativadas: Mem?ria | Inicializa?o | Registro | Sistema de arquivos | Heur?stica/Extra | Heur?stica/Shuriken | PUP | PUM
Op?es de verifica?o desativadas: P2P
Objetos escaneados: 242282
Tempo decorrido: 2 minuto(s), 1 segundo(s)

Processos de Mem?ria Detectados: 0
(N?o foram detectados ?tens maliciosos)

M?dulos de Mem?ria Detectados: 0
(N?o foram detectados ?tens maliciosos)

Chaves de Registro Detectadas: 0
(N?o foram detectados ?tens maliciosos)

Valores de Registro Detectadas: 0
(N?o foram detectados ?tens maliciosos)

It... Read more

A:Invalid Security Certificates

Turns out bitdefender's SSL analysis for antiphishing screws with Firefox's certificate authentication.

Read other 1 answers

I am having to reload security certificates and reload previously saved page settings (e.g. regional preferences on MSNBC.com) each time I log on. How can fix this?

A:IE settings and security certificates


Have you tried the Repair Tool?
Control Panel | AddRemove. click on Microsoft Internet Explorer. Click AddRemove. Choose the Repair function, apply and restart.
Also, what setting are you security settings at? Tools | Internet Options. Go to Security tab and look at the Internet settings. Press the globe and click on Custom Level. Ensure that it is set to Medium and reset. Say Yes.



Read other 1 answers

My Time Has Changes In My Desktop And I Get This Message That The Web's Cert. Is Not Available. Does Anybody Knows Why Or How To Fix It?

Read other answers

I keep getting the same pop-up over and over on everypage( IE hasblocked this web site from displaying content with security certificate errors) and can not log on to an email page. I had no problem a month ago, but now its bad. I tried enabling certain propmts but that just makes it worse because the security settings are to low. Thanks for the help and here is the HJT

Logfile of HijackThis v1.99.1
Scan saved at 8:26:07 AM, on 2/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~... Read more

A:security certificates errors

The computer calander was set back to 2006

Read other 1 answers

Greetings all,

I had been having some sluggish responsiveness from Chrome and decided to reinstall the browser. I went through the uninstall then downloaded Chrome again from the internet and re-installed. One problem, I started getting SSL errors on a site that was working prior to the re-install.

I thought that if I deleted my security certificates they would repopulate as I went back to the sites where they were issued so I went in and deleted all of my certificates. Not a real good move.

Is there some way to get them back? Or what do I need to do in order to be able to use this computer again on the internet?



A:Deleted Security Certificates

Hi Jake and welcome to TSF.

These articles may help with recovering the certificates How to Restore a Deleted Certificate | eHow.com and WebSphere Application Server Version 7.0 but I think that you may need to know which certificates were deleted - never had to do this.

Read other 3 answers

A couple of times I have gone to a secure site and it has taken long for the site to open, then a box comes up saying something is wrong with the certificate - usually date or an extra digit in the address. After viewing, it says "This certificate is okay". So I thought maybe I should install the certificate. When I click on that a Wizard comes up - since I don't know what's going on with this, I cancel.
Can anyone please explain this Wizard thing to me and should I be installing a certificate? The only two I tried (and canceled) was with my antivirus (CA) and the grc. site.
Thanks very much.
Sincerely, Libra

A:Security Certificates Question

Have you read these?

It's probably the server you're contacting though, rather than you.

Read other 2 answers

Hey all

Have a slight problem which after spending hours searching the internet trying to find answers and solutions iv decided to ask the question.

My situation, My documents on my old pc where encrypted/secure which ever one it is so that i could only see them and what not. One day my pc decided it didnt want work so i bought a new one. So naturaly i stick my old hard drive in my new pc (i had two hard drives in my old one, one for systems and program files, and the other for personal stuff) The one with personal stuff works fine in my new pc, although i cant accsess my documents which is what i want . Iv put the other hard drive in my new pc with the systems stuff on (running it as a second drive) and extracted what i thought was the security certificates. Iv tried placing them in there correct places, or what i believe is the correct places but it doesn't do anything to them. The files still appear green and says access denied.

Im stuck, what do i do?

Thanks phil

Read other answers

Hi guys!  I have an xp machine.  I have been playing pinochle on line for a # of years.  I have recently been locked out because it says I have an untrusted security certificate.  I have downloaded and installed the up-dated java,(to no avail) and checked the time and date to make sure it is current.  I am at a loss!   Any suggestions would be highly appreciated.  Thanks!

A:untrusted security certificates

Have you verified that your browser is updated, and that your Windows Updates have been performed? Also what browser?

Read other 7 answers

Post deleted by author.

Read other answers

I recently removed my CPU fan, cleaned it and reconnected everything.

I now get windows security errors for nearly every site (including Microsoft)

Itunes cannot download updates "the IPhone update server cannot be contacted"

I cannot go to the Itunes Store "Itunes cannot verify a secure connection with the Itunes Store (-9815)"

Websites I can always access (Like Arena Net) give me the bad security cert message and I have to red-shield click through.

I cannot turn on Home Sharing in Itunes.

I have another computer connected to the Router that is having no issues.

My System clock reset to 2008 (I just fixed this)

Any ideas?

A:Bad windows security certificates on every webpage

Quote: Originally Posted by jacksyee

I recently removed my CPU fan, cleaned it and reconnected everything.

I now get windows security errors for nearly every site (including Microsoft)

Itunes cannot download updates "the IPhone update server cannot be contacted"

I cannot go to the Itunes Store "Itunes cannot verify a secure connection with the Itunes Store (-9815)"

Websites I can always access (Like Arena Net) give me the bad security cert message and I have to red-shield click through.

I cannot turn on Home Sharing in Itunes.

I have another computer connected to the Router that is having no issues.

My System clock reset to 2008 (I just fixed this)

Any ideas?

Hello and welcome jacksyee Seems an odd one mate what security are you running?

Read other 4 answers

Hey Guys,

Something is going on. My gf was using the pc via a ts connection. Nothing seemed to be worng. Then the pc went blank and required rebooting. When I rebooted, there was a message stating "system reconfuguration" and asking me to continue via F1 strike. She then booted up as normal.

Well, now when I try to browse the internet, all pages lead me to an "unknown certificate" page and aske me whether to continue.

This repeatedly happens when I try to navigate from page to page...

I don't know what to do here...




A:Security Certificates and Internet Problems...

What browser u r using ....???

Read other 1 answers

Ever since I was compelled by Messenger to change to the new version, I cannot access any websites , get to view a Profile, etc. from there. I always get the "Security Certificate" message and even if I choose the "go there anyway" option it still does not connect. Also, I get asked to refresh my email page very often when there, and Messenger keeps disconnecting often, telling me to sign in again.

I did not have any of these problems before I changed Messenger versions and I do not use IE 7. I have Service Pack 3 installed, my date and time are correct and my Internet connection works fine. Can anyone suggest something as I am getting more and more frustrated with this behaviour. Thanks

A:Security Certificates Error Problems

Check the time and date are correct

Read other 2 answers

I work w/ sensitive datasets from the federal government. We got the data for 2010 a few months ago, and I haven't been able to open any of the files. The IT guy from this gov agency is not very helpful or responsive to my calls and emails, but 1 of the few times I actually talked to him, he gave me a set of steps to follow to open the files. I followed them, and this is what happened:

1) Right-clicked on data file (which is named something like "LT2010.ZIP.bin")
2) Selected PKZIP/Extract files here (PKZip is a zip program he told me to use)
3) Got message that security certificate is not trusted
4) Entered file password at prompt
5) A file named "LT" was generated, with no file extension
6) Got message that security certificate is not trusted
7) Opened Kirix Strata (another program he told me to use -- I'm not sure what it does, but he said something about converting it from some character coding to ASCII)
8) Went to File\Import and selected the LT file
9) Selected Comma as a Field Delimiter and clicked "Next"
10) "LT" showed up in the Project tab on the left side of the Kirix Strata program
11) Selected LT, and it is blank in the KS browser window

He said that the fact that I’m getting an error that the security certificate is not trusted is a clue to the problems that I’m having. He believes the issue is due to the fact that our systems don’t recognize the certificate that they use to authenticate the files. He was sur... Read more

A:Does anyone know about security certificates and encrypted files?

I'm sorry but since you're talking about sensitive government data this is something that we will not get involved with for obvious reasons.

Closing thread.

Read other 1 answers

Around the 4th of July, something must have climbed aboard my computer because the next time I tried to do some online banking, IE7 said the bank's certificate was invalid - in addition to MSN's certificate and a few others, like eBay & Amazon. It's most spectacular new behavior, however, is that it absolutely will not let my MS Security Essentials (spyware & virus program) update its virus & malware definitions, not allow me to download the new IE8 web browser, not allow me to download or install McAfee protection (can't even go to the site), refuses to connect me to the MS windows XP update site(it tells me I'm "not connected to the internet") and tells me the same thing when I go to any sites that might let me update or acquire recent info about spyware/viruses.
I have uploaded my hijack log (I hope). Nothing on it was checked. However, in the last few days of struggling with this thing, I did find and isolate several strange programs that were loaded directly on the C:| drive: something called lzq.exe, exe.exe, lzr.exe, f340E71f.exe, ymbysztjnh.exe, ixapuficuzuhi.exe, araqaogtssd.exe, pyktfbvchh.exe, mwtendssd.exe, tmp25490.exe, (I am not making this up) and some others that included whole folders full of stuff (I omitted the capitalization of certain letters in the programs' names because it was too difficult to keep track of). I put all those in a folder - along with a whole bunch of odd cookies and folders (one folde... Read more

Read other answers

The full advisory can be found on the Web at: http://www.microsoft.com/technet/security/advisory/2524375.mspx.

Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

Certificates for the following Web properties are affected:

• login.live.com
• mail.google.com
• login.yahoo.com (3 certificates)
• login.skype.com
• addons.mozilla.org
• "Global Trustee"

Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used.

An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375 (http://support.microsoft.com/kb/2524375).

Typically, no action is required of customers to insta... Read more

Read other answers

I am receiving the following message for about one week now. I would like to know the certificate name/owner/title I am looking for in Outlook Express 6.0 on my XP Pro. I need help on this please.

Internet security warning

The server you are connected to is using a security certificate that could not be verified.
The signature of the certificate could not be verified.
Do you want to continue using this server? Yes/No

There is no clue as to the name of the certificate. I have ATT and SBC Yahoo mail coming in.

Could you please help me find the name or some description of the certificate in question.


A:XP Outlook express security certificates

Read other 15 answers

I was wondering if it's possible configure a Windows 2019 IIS v10 hosted Web Server to perform OCSP checking of client certificates that are used to authenticate?

It is my understanding that typically the Responder URL that the Web Server contacts in order to validate the client cert is extracted from the AIA attribute in the client certificate. But is it possible to override/supplement this with an additional Responder?

For instance, what if I set up an OCSP Responder in the same domain as the Web Server and associated its revocation configuration with the SUB CA binded to the IIS Site. Now if client certs come in for authentication  and have an unrelated OCSP Responder
in their AIA, can I somehow tell the Web Server to check also the aforementioned Responder that has been stood up in the domain?

A:OCSP Based Validation for Client Certificates Using Responder Defined by Web Server

Per a reply from Mark B. Cooper at PKI Solutions this is indeed possible. You must edit the following GPO in order to override the default behaviour of the web server which is to only check the Responder URL specified in the client certificates' AIA extension.
Default Domain Policy > Computer Configuration >  Policies > Windows Settings > Security Settings > expand Public Key Policies
Once a custom Responder is specified in the CA / SUB CA's revocation properties the above GPO will allow it to check that custom Responder URL first, then ocsp as defined in the AIA extension and then CRLs
Thanks Mark!
Will post reference links once MS verifies my account.

Read other 1 answers


I have recently changed to Vista and have an annoying problem. My homepage
is set to News, Sport, Music, Movies, Money, Cars, Shopping and more from MSN UK I know this is the genuine address and had no
problems in XP. Now whenever I start Internet Explorer the page about a
problem with the websites security certificate pops up like this

The security certificate presented by this website was not issued by a
trusted certificate authority.

Security certificate problems may indicate an attempt to fool you or
intercept any data you send to the [COLOR=blue! important][FONT=verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif][COLOR=blue! important][FONT=verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif]server[/FONT][/FONT][/COLOR][/COLOR].
We recommend that you close this webpage and do not continue to this
Click here to close this webpage.
Continue to this website (not recommended).
More information

a.. If you arrived at this page by clicking a link, check the website
address in the address bar to be sure that it is the address you were
a.. When going to a website with an address such as
https://example.com, try adding the 'www' to the address,
a.. If you choose to ignore this error and continue, do not enter
private information into the website.

For more information, see "Certificate Errors" in Internet Explorer

Now I know there was a co... Read more

Read other answers

For some reason my systray clock is showing "January 01, 2001" and I think it's what's tied to a "There is a problem with this website's security certificate" message on Gmail and Yahoo.

I added an exception to access those sites as I assumed it was tied to the clock confusing the certificate dates - should I recall the exceptions and if so how do I do that on Firefox? Gmail and Yahoo login will only display in HTML now.

Does the motherboard battery need to be replaced? Is that why the clock is off? Nothing else seems to be affected when I reboot.

A:Wrong time affecting security certificates

Does the clock revert to Jan 1 2001 on reboot if you amend the time ? If so it's very likely to be a simple matter of replacing the CMOS battery .

Read other 1 answers

Firefox has been acting weird lately, showing an invalid certificate error for pretty much anything https. Some pages such as facebook and soundcloud load only sometimes and when they do, they're completely broken. Bitdefender found nothing but a few tracking cookies and MBAM found 3 PUP.Optional.Conduit.A, which were already removed. So, uh... What do I do?
EDIT: While both Firefox 23 and 26 act like this, IE, surprisingly enough, does not. I also noted that every certificate is issued by Bitdefender, which happens to be my AV. Could it have screwed something?
EDIT 2: Oh well, Google, once again, saved the day. Turns out Bitdefender's SSL antiphishing analysis tool happens to screw with Firefox's security certificate validation.

A:Security certificates invalid and firefox acting weird

Persistence pays off. Thanks for sharing the solution.

Read other 1 answers

I know how to view and look at them. But it confuses the heck out of me. Over the years going to military or other sites I added certificates. How do I know which ones I have, if I still need them and what they are for? Is there a program to help me with this? Or must I manually inspect them all? If I remove or change the wrong one that could be bad correct? Could it be disastrous? Or would it later reinstall itself when needed? This is a home PC

I just want to know what certificates I have, use and what they are for. If there are ones I do not need, accidentally accepted (or someone else using cpu did). I want to remove all the ones I do not need. My kid uses this computer, I can see them just pushing buttons or not knowing better adding certs. Could adding the wrong Certificates be harmful - how so? Is there a good primer, faq or something on this? I found several but would rather go on someones recommendation.

Read other answers

Over the past week or so, I noticed that the security certificates for several established websites (Amazon, for example) have been coming back as invalid. I've also noticed that the calendars used by hotel websites have been returning errors even when a valid date is chosen. For example, it will indicate that I can't choose a date in the past, even when I have chosen a future date. I've noticed this to be the case using a variety of hotels website. I'm not sure if this is a browser or other problem. My computer is fairly secure and virus/adware free. Has anyone else noticed this?

Read other answers

I have almost a dozen expired security certificates on my computer.  Some of them expired 15 years before I even bought my computer!  I need someone to help me get these updated.  Some are from Microsoft, some are from Comodo, some are from
VeriSign and I don't remember all the others.  Can anyone PLEASE help me!


Read other answers

i am trying to install digital signature, internet explorer..internet options..security..contents...certificates..personal..empty
signature certificate is not displayed though the settings were done.

Read other answers

Firefox and security certificates (3 web pages).

Secure data transmission on the internet relies on encryption and security certificates. Mozilla has revised the way Firefox 3 handles certificates, but not always for the better. A few modifications will sort things out – and give you more security.

-- Tom

A:Firefox and security certificates: The right way to handle encryption with Firefox 3

Read other 9 answers

Looking for a consensus regarding security software for a Windows domain that includes Exchange 2003. One consultant prefers Symantec products. Another Trend Micro.

I know there are complaints about the tardiness of Symantec's virus updates and I know their spam filter is not particularly good. I have not seen much bad about Trend. And I know there are other good suites out there.

I want something that cleans email on its way through Exchange and something that pushes protection (AV, Spam, Spyware) out to the client computers.

A:Server Security

I wouldn't put either on a server that has a defined role on a network like and Exchange Server. If I had a choice I would have appliances for AV and SPAM before they ever hit any of the servers or clients. Symantec Corporate AV has the ability to push updates to the client and I am sure many others do as well. Installing them on servers just adds overhead to the processes they are already running.

Read other 3 answers

I have a W2K web server, running Apache and an FTP server, which comes straight off an adsl router and therefore has a public IP address. At the moment, it has no other software running.

Everything works fine, but I am concerned about security. How vunerable is it to hackers or other problems and what measures should I be taking?

A:Web server security

Read other 10 answers

I'm considering setting up FTP access on a W2K server running Outlook Web Access. Does anyone have any experiece or advice with how secure/stable this is?
Also, I will need to setup a directory that will purge files older than 10 days. Can this be done with Windows?

Read other answers

I'm not sure whether this question should be listed under network or security. I'm in the process of setting up a server for FTP and eventually web hosting. Becaue this is a server on a business network, I am a little concerned about security. I am planning on setting up the server as a DMZ host in my router. Does anyone have any suggestions for security measures that should be taken?

A:Server Security

Read other 6 answers

Hey all!

I don't know if this is the right place to ask (since it seems it's all about spyware and stuff here), but if it's not please move it to a different forum...

I'm building this website in ASP, and as i've been taught, I use relative paths to images and such. I also want to use the "<--#include virtual="filepath" -->" thing in my pages, so it's easier to correct structural changes that I maybe have to make in the near future (there are over 100 pages on this site - since I cannot use a database - and so it's easier to correct 1 file than 100 files).

But the people that will host the site have all relative paths disabled. Now is my question: Is it necessary to disable relative paths if you have NTFS security? You set your security on NTFS level, so if hackers would use the relative path thing to go through all the files on the server, they should not get access to any of the files, right? Or is the NTFS security not enough?

Thanks for reading and maybe answering...

Read other answers