Issue
When logging into Xenta server using Internet Explorer 8 a certificate error is displayed as displayed below:
- When logging into the web server of a Xenta controller using Internet Explorer 8 an error message is shown stating that there is a problem with the website's security certificate.
The error reads:
There is a problem with this website's security certificate.
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
More information - How to install a self signed certificate.
Product Line
Satchwell MicroNet, TAC INET, TAC Vista
Environment
- Internet Explorer 8
- Xenta 511, Xenta 527, Xenta 555, Xenta 701, Xenta 711, Xenta 721, Xenta 731, Xenta 913
- SSL
Cause
The default certificate in the Xenta web server is a self-signed certificate. Since the certificate is not issued by a recognized Certificate Authority the web browser (in this case Internet Explorer 😎 cannot validate the authenticity of the certificate and suggests that the user not continue to the website each time the user tries to access it.
Resolution
- Click "Continue to Website" to continue to the screen shown below. Click on "Certificate Error" which is found on the right side of the address bar at the top.
- A dialog similar to the one below will open. Click "View certificates".
- The certificate dialog will appear. Click "Install Certificate."
- The Certificate Import Wizard will open. Click Next.
- Allow Windows to automatically select where to store the certificate.
- Proceed to Finish the Certificate Import Wizard.
- A notification appears indicating that the certificate was imported successfully. Restart Internet Explorer for the change to take effect.
Note: The certificate will need to be installed in each client computer that accesses the Xenta server but once this complete it does not need to be done again. The exception to this is if the web address of the Xenta server is changed or if Internet Explorer is uninstalled then reinstalled.
The alternative is that a certificate issued by a Certificate Authority (CA) may be purchased. These certificates are pre-installed into the web browser and will automatically prevent certificate errors from occurring on all client computers that access the web server. Note that these can be quite expensive and unless the Xenta web server is being hosted on the internet they are not necessary.
See "This Connection is Untrusted" certificate error when logging in to a Xenta Server using Firefox for information on installing certificates into Firefox.
Update: Starting in September 2014, all major browsers will be disabling 1024-bit roots within their trusted roots stores. Any SSL certificates chained to a 1024-bit root will no longer work on any browsers that takes this action or one that relies on another's root store (the self-signed certificate is 1024-bit). This means that you will still get the security warning even if you have installed the self-signed certificate.
