Self signed standalone CA gives: "Windows does not have enough information to verify this certi

I have set up a website with SSL on machine "A" and requested a
certificate - Installed Stand alone CA on machine "B" and invoked the
certifikate on this and imorted that to machina "A".

It works, but clients cannot accept the certificate. They get a "Windows
does not have enough information to verify this certificate" and therefore
they allways get the annoying window where they are promted for "yes"
because the certificate is not trusted.

How to trust a self signed cert?

Regards, Lars.

Re: Self signed standalone CA gives: "Windows does not have enough information to verify this c

You need to obtain the CA's root signing certificate (from MachineB), and
install that into the "Trusted Root CA" part of the client's certificate
store. Then the client's will trust certificates signed by MachineB
(including the server identity certificate that MachineA is using).

Cheers
Ken

--
IIS Blog: http://www.adOpenStatic.com/cs/blogs/ken


"Lars Bonnesen" wrote in message
news:%23rTFqDLXGHA.4620@TK2MSFTNGP04.phx.gbl...
:I have set up a website with SSL on machine "A" and requested a
: certificate - Installed Stand alone CA on machine "B" and invoked the
: certifikate on this and imorted that to machina "A".
:
: It works, but clients cannot accept the certificate. They get a "Windows
: does not have enough information to verify this certificate" and therefore
: they allways get the annoying window where they are promted for "yes"
: because the certificate is not trusted.
:
: How to trust a self signed cert?
:
: Regards, Lars.
:
:

Re: Self signed standalone CA gives: "Windows does not have enough information to verify this c

On every client, you must import the self signed cert into its trusted root.

Blog entry describing how this all works. Read the comments, too.

http://blogs.msdn.com/david.wang/archive/2005/08/02/Free_SSL _on_IIS.aspx

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Lars Bonnesen" wrote in message
news:%23rTFqDLXGHA.4620@TK2MSFTNGP04.phx.gbl...
>I have set up a website with SSL on machine "A" and requested a
>certificate - Installed Stand alone CA on machine "B" and invoked the
>certifikate on this and imorted that to machina "A".
>
> It works, but clients cannot accept the certificate. They get a "Windows
> does not have enough information to verify this certificate" and therefore
> they allways get the annoying window where they are promted for "yes"
> because the certificate is not trusted.
>
> How to trust a self signed cert?
>
> Regards, Lars.
>

Re: Self signed standalone CA gives: "Windows does not have enough information to verify this c

You are right - I was puzzled about this for a long time, but now it works.

Thanks!

Regards, Lars.

"Ken Schaefer" skrev i en meddelelse
news:e1qq7KRXGHA.1228@TK2MSFTNGP02.phx.gbl...
> You need to obtain the CA's root signing certificate (from MachineB), and
> install that into the "Trusted Root CA" part of the client's certificate
> store. Then the client's will trust certificates signed by MachineB
> (including the server identity certificate that MachineA is using).
>
> Cheers
> Ken
>
> --
> IIS Blog: http://www.adOpenStatic.com/cs/blogs/ken
>
>
> "Lars Bonnesen" wrote in message
> news:%23rTFqDLXGHA.4620@TK2MSFTNGP04.phx.gbl...
> :I have set up a website with SSL on machine "A" and requested a
> : certificate - Installed Stand alone CA on machine "B" and invoked the
> : certifikate on this and imorted that to machina "A".
> :
> : It works, but clients cannot accept the certificate. They get a "Windows
> : does not have enough information to verify this certificate" and
> therefore
> : they allways get the annoying window where they are promted for "yes"
> : because the certificate is not trusted.
> :
> : How to trust a self signed cert?
> :
> : Regards, Lars.
> :
> :
>
>