7

I've a VM that has a self-sign certificate. If I test my https page in Firefox or Chrome, I just need to accept or add exception for the cert and I will be fine. I can make JSON call or JSONP call.

However, when I do it in IE, I can't. I add the certificate as ROOT cert, and then

1) every time I restart the browser, it will ask for the certificate again.

2) every time I make JSONP call with https, IE doesn't like it and show "IE has blocked this website from displaying content with security certificate error...". and even I click "display blocked content", it doesn't help and show up anything. :(

any idea how to deal with IE (without getting a real cert) Thanks.

murvinlai
  • 48,919
  • 52
  • 129
  • 177
  • besides being self-signed, is the certificate valid? (i mean, expire date in the future, CN equals intended domain name,...). I remember I had to debug a webapp on ie once and it would let go self-signed certificates (after adding them to trusted repository), but not in one thw cases above. – guido Aug 10 '11 at 00:13
  • did you get any solution for this ? – King_Fisher Oct 15 '19 at 06:59

2 Answers2

5

When Internet Explorer presents the screen with the warning "There is a problem with this website's security certificate", follow these steps to create a security exception for this site:

  1. Click on "Continue to this website (not recommended)."
  2. Right-click on the background of the page
  3. Select "Properties"
  4. Click the "Certificates" button
  5. Click the "Install Certificate..." button
  6. Click the "Next >" button
  7. Select "Place all certificates in the following store"
  8. Click the "Browse..." button
  9. Select "Trusted Root Certification Authorities"
  10. Click the "OK" button
  11. Click the "Next >" button
  12. Click the "Finish" button
  13. A security warning pops up. If you are sure the certificate is safe, click the "Yes" button
  14. A notification pops up "The import was successful." Click "OK"

From now on (until the self-signed certificate expires), you will not get the certificate warning every time you go to that page.

If this doesn't work, you may have already installed the certificate in the wrong location. To remove an incorrectly installed certificate, open Internet Options, click on the "Content" tab, click the "Certificates" button, find your certificate in one of the tabbed lists, and click the "Remove" button. Then try following the preceding directions again.

If it keeps failing after that, there is a high probability that your certificate is invalid. Right-click the web page, select "Properties", click on "Certificates", and double-check that the "Issued to:" name matches the domain in the URL bar, and that the "Valid from ... to ... " dates include the date that the client machine is set to.

If the Install Certificate is greyed out, you have to run iexplore as administrator.

sashoalm
  • 75,001
  • 122
  • 434
  • 781
Ben
  • 1,003
  • 1
  • 11
  • 18
  • I found that this didn't work for me - the install certificate button was greyed out. My work around is to open the website in firefox, use that to download the certificate (right click, page info, security, view certificate, details, export) - then double clicking on that allowed me to import it. – Stuart Moore Jul 24 '15 at 10:56
  • You have to run it as administrator, I've edited the question. – sashoalm Mar 19 '18 at 11:23
1

Did you put it in the user Trusted Roots certificate store or the machine? Are you running as the same user? Putting a self signed certificate in the Trusted Roots store should work fine.

Alternatively, look at the wire traffic and see if the proper certificate is being sent to the client, it might be a server config problem.

Nasko
  • 1,312
  • 10
  • 7