I am having great issues trying to debug a page on a web application used internally on an intranet. When entering the page the "Security Information" Pop Up Box appears. The whole application is running under https.
To try and debug the issue, I have used Fiddler, and looked at the urls for every component, javascript, css, images, and user control components. Everything I have seen from Fiddler shows that the urls start with required https!
So, I am completely confused why this message should be shown - it appears everything the page is posted back.
Does anyone have any idea why this should be happening and/or have another tool that could help me?
Thanks
I'm pretty sure that what you are seeing is the result of a self-signed certificate. If a certificate you're using isn't trusted by a known certificate authority (Verisign or a similar company) your web browser can't verify that it comes from a trusted source.
Also, look at what the error is saying, because it usually tells you which part of the security verification failed.
Related
I've a problem in my browser !,
I watched many solutions on youtube to fix this problem.
I did everything, I changed date and time of my computer.
I think this error occurs as a result of a browser that does not recognize the authority of the certificate.
I can browse all sites like "Google, Youtube, Gmail, stackoverflow, etc .." "except for this site" https://id.sonyentertainmentnetwork.com/id/management/ "
I use windows 7 home premium 64 bit,
Google chrome -> last version,
IE -> 11
Please try to browse this site "https://id.sonyentertainmentnetwork.com/id/management/"
"Problem with this website's security certificate" is a generic error message that Internet Explorer gives you when there is a problem establishing a secure connection (https://) to a website using the site's SSL certificate.
This error message can be caused by any number of issues. For example, here are some of the causes:
Your computer and the website's server could not agree on cryptographic algorithms to use for the secure connection. This can sometimes happen for older versions of Internet Explorer.
The authenticity of a website's SSL certificate could not be verified by a Certificate Authority (CA).
You did not provide enough detail in your question to figure out the exact cause of the issue. But, in this case, updating your web browser may help fix the issue.
I think it is just a common browser error that is not letting you visit that website with HTTPS.
I tested that website and it working fine in my browser. (Tested through Chrome, Firefox, Opera, and IE). So I think the issue is with your system.
Try clearing the cache and cookies for that particular website
Clear the SSL State from Internet Options
Disable QUIC Protocol of Google Chrome
Source: https://aboutssl.org/fix-google-chrome-error-err_ssl_protocol_error/
Try this:
Download de certificate:
https://letsencrypt.org/certs/isrgrootx1.der
Right click on this file.
Install Cerficate
Next
Click on second opticn. (my windows on pt-br -"colocar todos os cerficiados no repositorio a seguir") Browser
Select = Autoridade de certificação Raiz confiável.
OK
Next
Finish
Whenever i try to register for Azure Free Trial, i feed all information and as soon as i land on Verification by Card page, it loads and then instantly shows me Session expired. I tried using different ID, different network and also different city to perform the action. Azure support does not work and googling doesnt help much either.
Is anyone else experiencing same or i am only one with such a problem.
I have also attached the screenshot of the issue.
Azure Session Expired.png
I would assume only two thing could cause this.
1. The Browser.
Can you do a clean fresh install of your preferred browser? Maybe there is a cookie issue. Microsoft has a notorious browser past. Are you using IE? If not true installing IE.
2. The Site's Code
Nothing can be done there. Just call Microsoft Support.
I hope this helps.
Best,
Tim
I doubt there's a global access issue with Azure, but you can double-check the status here.
It looks like a trouble with your current device configuration.
Check that your clock is correct. Your browser may remove cookies or
reject certificates because of wrong clock.
Check your browser-specific settings for limitations and security measures like disabled Javascript or enchanced security. It's also worth checking the addons and extensions for the same reason.
If you're on Windows, check Internet Settings or try to add the site to Trusted Sites list. A few months ago I had to add Microsoft sites to the Trusted Sites list on Windows Server box to solve a similar issue.
The simplest solution would be to try another device.
I had the same problem. Trying different approaches to solve the issue ultimately had the same outcome...I couldn't create an Azure subscription when logging in using my O365 credentials.
Working with Microsoft Support the approach that successfully worked for me was to open an InPrivate Browser session. Navigate to https://account.azure.com/, which causes a credential challenge, which you should use the O365 credentials. Ultimately a successful outcome.
BTW> I could only engage MS Support by submitting a Support request. MSFT were responsive in that I was contacted within 60min, with a suggested resolution.
I have a simple app I want to create, which allows you to place any website within your Facebook page on a tab.
Previously, I could just do this without a secure canvas URL, but now it is telling me that I must have this to create the app.
Is there a way around this, as the app does not take any info from anybody, it just shows a site from my server on the page.
Short answer: No. You do not need to provide an encrypted connection if the app runs in sandbox mode but otherwise it is mandatory.
Well, actually people using secure browsing will just see an error message at the moment but judging from recent announcements apps without an encrypted connection will be blocked a bit further down the road.
I've had Windows Authentication setup on an area of our website for some time now, and it has worked flawlessly so far.
Recently, the login prompt stopped appearing and went straight to "Page cannot be displayed" for some reason.
While connected to our network, the page works fine.
Outside our network, users are supposed to receive a login prompt but they now do not, instead receiving the "page cannot be displayed" error.
Why would this suddenly occur, and how is it fixed? I have tried removing the virtual directory and re-adding it but nothing seems to work.
The strange thing is this is only happening in IE - Google Chrome works fine (I receive the login prompt).
Is there a setting or something inside of IIS that disables this login prompt or something? It is strange it is an IE specific issue as well - there were no changes to the state of IE from one day when it was working to the next where it wasn't.
Anyone have ideas on what might be causing this?
Thanks
Oddly enough, I'd wonder why you were getting the login prompt before now.
If you're logged in to Windows and the site you're browsing to uses Windows Auth, IE will automatically try to pass the logged in user's credentials to the site (this all depends on your domain configuration/trust setup...something may have changed with those settings at the domain level that changed the behavior of your IE).
Chrome/Firefox/Safari don't have this functionality, which is why you're still getting a login prompt.
There is a checkbox in internet options->advanced tab to enable/disable Windows Authentication, but you said that there were no changes. Either way it is something to check.
It sounds like you are hitting a security setting in IE.
IE stops windows authentication information from being sent to sites that you do not trust.
You could try adding the site to your list of trusted sites.
You can start by taking a network trace both Internally and Externally, reproduce the issue and see if the request actually reaches the web server. Also, check the IIS logfile for the "Page Cannot Be Displayed" response.
Let me know if that helps or if you have more questions.
Regards,
Vivek.
You need to take a network capture (www.fiddlercap.com) to get any real help with this.
IE supports the "Negotiate" protocol in addition to NTLM; Chrome and other browsers typically only support NTLM.
I have a IIS website with a security certificate setup using SelfSSL (part of the IIS Resources toolkit). The certificate appears valid when I view it in ISS and it works fine for IE, Safari and Google Chrome. However, in Firefox 3 it does not consider the certificate valid and therefore shows a certificate warning when you view a secure page on the website.
This is only a problem because I am using Selenium to automatically test the site. I have tried using custom Firefox profiles to solve this problem and this works ok with one IIS site. But when each developer has their own site you have to keep adding exceptions to this custom profile.
I can use other browsers for the Selenium scripts, but I would rather use Firefox (the form input on IE seems to run much slower than Firefox).
I think the easiest way around this problem is to have valid certificates in the first place, hence I started using SelfSSL. Any ideas why Firefox doesn't seem to take any notice?
SelfSSL does not generate a valid certificate - it generates a self signed one. To get a valid certificate you have to buy one from a certificate authority.
If your IE, Chrome or Safari do not show a warning when visiting your secured page it means that you have added this new certificate to trusted certificates database of your account. You can do this in Firefox too - it just has a separate database. But your every user has to do this for himself.