Sunday, January 16, 2011

IE security alert on SSL

Hi All,

We have a website hosted on IIS 6.0 with SSL. When we visit the website, it alerts the user with the usual security warning with "Yes", "No" and "View certificate" buttons. We click "Yes" and view the page. The page has some hyperlinks that point to the same site. After some time (maybe 20 to 35 mins), if I click any hyperlink, it is popping up the security alert again. Is this the default behaviour? Is there any workaround to change the way it works? Meaning, we are OK with the alert message the first time, and we need to suppress it when we visit some link after some time while the IE window is kept open.

Thanks in advance!

  • Yes, this is the default behaviour for IE and cannot be suppressed; if it could, then unscrupulous users could use this to suppress warnings for their phishing sites etc. The only way to get round it is to buy a valid certificate; they are quite cheap nowadays.

    From Sam Cogan
  • This is all due to the fact that you're using a self-signed certificate. What you can do is:

    1. Buy a proper certificate from a certificate vendor (VeriSign is one) and use that cert instead of the self-signed one.
    2. Set up your own internal CA and publish your self-signed cert in there for all the LAN users to verify against.
    3. Install the certificate locally on all your users (rather tedious, but if your configuration is static, it might be enough).

    MrTimpi : If it is an enterprise CA from MS and you run Active Directory internally, you can push both user and computer certificates. Though external users would still get the problem with certificate warnings.
    JohnyD : Install certificate to 'trusted root certificate authority'.
    From dyasny
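
An added example (not part of the original answers) of option 3 and JohnyD's comment: inspect an exported copy of the site certificate, confirm it is self-signed and matches a thumbprint obtained out of band from the server administrator, then add it to the machine's Trusted Root store, which IE uses. The file path and thumbprint are placeholders, and `Import-Certificate` assumes Windows 8 / Server 2012 or later run from an elevated prompt.

```powershell
# Added example. $CertPath and $ExpectedThumbprint are placeholders, not values from the page.
param(
    [string]$CertPath           = 'C:\temp\intranet-site.cer',      # hypothetical export of the site certificate
    [string]$ExpectedThumbprint = '<THUMBPRINT-FROM-SERVER-ADMIN>'  # obtained out of band, not from the browser prompt
)

$x509ns = 'System.Security.Cryptography.X509Certificates'
$cert   = New-Object "$x509ns.X509Certificate2" $CertPath

# A self-signed certificate names itself as its own issuer.
$selfSigned = ($cert.Subject -eq $cert.Issuer)
"Subject     : $($cert.Subject)"
"Issuer      : $($cert.Issuer)"
"Valid       : $($cert.NotBefore) to $($cert.NotAfter)"
"Thumbprint  : $($cert.Thumbprint)"
"Self-signed : $selfSigned"

# Build the chain against the local stores to see why the client does not trust it.
$chain = New-Object "$x509ns.X509Chain"
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
$trusted = $chain.Build($cert)
if (-not $trusted) {
    $chain.ChainStatus | ForEach-Object { "Chain issue : $($_.Status) - $($_.StatusInformation.Trim())" }
}

# Refuse to trust a certificate that is expired or not yet valid; reissue it instead.
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw 'Certificate is outside its validity period.'
}

# Refuse to trust anything that does not match the thumbprint the administrator supplied.
$expected = ($ExpectedThumbprint -replace '\s', '').ToUpper()
if ($cert.Thumbprint -ne $expected) {
    throw 'Thumbprint mismatch: this is not the certificate the administrator issued.'
}

if ($trusted) {
    'Certificate already chains to a trusted root; nothing to install.'
} elseif ($selfSigned) {
    # Same effect as the manual import into "Trusted Root Certification Authorities".
    Import-Certificate -FilePath $CertPath -CertStoreLocation Cert:\LocalMachine\Root | Out-Null
    'Imported into Cert:\LocalMachine\Root.'
} else {
    'Not self-signed: install the issuing CA certificate instead of this one.'
}
```

Trusting the certificate only removes the untrusted-issuer warning; a certificate whose name does not match the site's host name still triggers the alert.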
