0

we are using a server that is used by like 5 coworkers and is accessed by its web interface. It is a internal only website and doesn't have a valid SSL certificate as it is self signed.

The certificate is deployed via GPO to the trusted root CA folder, so it is installed on the computer. Still the user would get a certificate error when trying to access the website (using Chrome or IE).

Does it not work anymore to just deploy self signed certificates? The purpose is just to avoid the coworkers being required to ignore the certificate warning everytime.

Thanks for your suggestions.

certificate error

Rimini
  • 31
  • 5
  • There isn't enough information for us to help. What is the internal URL that the users are going to? What is the Common Name on the certificate? Have you verified that the certificate has been installed on each computer? – joeqwerty Jun 02 '20 at 15:04

2 Answers2

1
  1. Check the common name of the certificate and if it matches the URL of the site.
  2. If it is a multi-SSL certificate, ensure the common name is also added to Subject Alternative Name field.
  3. Ensure the certificate is in the trusted root CA of the clients, which will ensure the GPO has been applied correctly.
  4. Lastly avoid using a Self Signed Certificate (its a pain to maintain them and it always has tendency to bite in the back), even if its not ideal and not recommended a single tier PKI is better and a two tier PKI is advisable.
IshRaj
  • 81
  • 1
  • 9
0

The issue was, that I had the certificate installed but hadn't deployed the CA certificate which was also generated by the application. I had to deploy both and make sure the FQDN was used instead of just the hostname to access the website.

Rimini
  • 31
  • 5