Thursday, July 31, 2014

There is a problem with this website's security certificate

Goal:
To be able to navigate to websites with certificates of 512 bits or lower in Internet Explorer 10


Problem:
When navigating to, for example, the Oracle Database Manager or the Websphere Integrated Solutions Console the following page will show:






There is a problem with this website's security certificate. I usually click on 'Continue to this website (not recommended).' and I can go to the website.

But depending on the host and browser version/brand you can also encounter the following (Sometimes after clicking on the 'Continue' link)


In the first example you can ignore the warning and continue to the site, in the second example you cannot even enter the site.

My configuration was Windows Server 2012 with Internet Explorer 10. I couldn't go to the Required website anymore.


Solution:

I started searching and found the following site:

http://social.technet.microsoft.com/Forums/ie/en-US/5fdf4b07-30e6-4a0b-bb08-9adc45d42d54/ie10-there-is-a-problem-with-this-websites-security-certificate?forum=ieitprocurrentver

On this site it is pointed out that there is a policy in place that required a website's certificate to have a key with a minimun bit length of 1024 bits. So when you navigate to a site with a certicate not meeting this requirement the message will come up.

The fix I used is also on that site.

First run a dosbox as Administrator.


Then enter:
certutil -setreg chain\minRSAPubKeyBitLength 512



Now I get the option again to 'Continue to the website' :)



More information from Microsoft on this:
http://support.microsoft.com/kb/2661254

GNZ