发表新帖
发表新帖

IE8 SSL Cert Problems while other browsers work like a charm

后端 未结
关注
3 1605
我寻月下人不归
我寻月下人不归 2021-01-20 11:24

I bought a SSL Cert which should work with iE 5+, but it doesn`t. All other browsers i tested work perfectly - no errors - just the site I want to display. But IE8 and small

相关标签:
3条回答
  • 礼貌的吻别
    2021-01-20 12:01

    I ran into a similar situation where the cert was working OK on all browsers except for IE (of course!). This is on Apache and the SSL cert had been issued by RapidSSL. Turned out in my case, that I had virtual host file default-ssl active, so somehow IE was picking up on that on the default self-signed cert instead of the rapidSSL cert referred to in my site virtual host.

    Deactivated ssl-default, reloaded apache and that did it.

    0 讨论(0)
  • 说谎
    2021-01-20 12:05

    Something odd is going on; if you use the link below you will see that the server is not returning the server cert and intermediate cert, but a single self signed Parallels Plesk Panel CA cert.

    http://certlogik.com/ssl-checker/www.minol-fb.de

    Using the openssl command below, I get the same Plesk certificate returned:

    openssl s_client -showcerts -connect www.minol-fb.de:443

    Perhaps this may help:

    http://knowledgelayer.softlayer.com/questions/457/Installing+a+SSL+Certificate+in+Plesk+9

    UPDATE:

    Looks like you've sorted out the config; using the above tool I can see the correct certs are now being returned.

    0 讨论(0)
  • 轻奢々
    2021-01-20 12:07

    You must have configured multiple certificates using Server Name Indication without knowing it.

    If you use this, you get a self-signed certificate:

    openssl s_client -showcerts -connect www.minol-fb.de:443

    If you use this (with the server name), you get the correct certificate:

    openssl s_client -showcerts -connect www.minol-fb.de:443 -servername www.minol-fb.de

    You probably get a different behaviour with older versions of IE because you're testing them on XP. No version of IE supports SNI on Windows XP unfortunately. Other browsers (with sufficiently recent versions) do, at least independently on the OS version they run on.

    If you don't need that other host, you can probably remove that configuration, so as not to have to rely on SNI at all.

    0 讨论(0)
 看不清?
提交回复
热议问题