Receiving SSL certificate errors only from some clients

google-chrome internet-explorer ssl certificate
5,659

The issue was surrounding the certificate's hashing algorithm (SHA2-256) which isn't supported by these versions of Windows.

KB968730 - Windows Server 2003 and Windows XP clients cannot obtain certificates from a Windows Server 2008-based certification authority (CA) if the CA is configured to use SHA2 256 or higher encryption.

Many thanks to the author of this great article where I found the answer.

Share:
5,659

Related videos on Youtube

Nico M
Author by

Nico M

Updated on September 18, 2022

Comments

  • Nico M
    Nico M over 1 year

    I am receiving SSL certificate errors from Chrome (latest version (23.0.1271.52 beta-m) and Internet Explorer 6 (not used) on my home desktop machine (Windows XP SP2). In Firefox, the site works fine on this PC. My laptop and work desktop (both Windows 7) also seem to work just fine. Most SSL website checking sites report that the certificate and chain up to the root CA are setup correctly, but I have come across about 2 that that say I have an invalid certificate but don't give much information on which piece is failing.

    I know it used to work properly on this desktop (in Chrome and IE) in the past, but I'm not sure what has changed that is causing the site to fail in these browsers. Can anyone provide any assistance? This is driving me nuts!

    Screenshot of error:

    http://i.imgur.com/cDD6P.png

  • Nico M
    Nico M over 11 years
    The only update available at this point is to upgrade to Windows XP Service Pack 3. I think you might be on to something, but really don't want to upgrade and have it not work. The part that doesn't make sense and is keeping me from trying that is, why would it stop working?
  • EliadTech
    EliadTech over 11 years
    Because maybe the site changed their cert issuer. And I think that MS sometimes takes off certs during updates. You can take a backup image jnust in case you'd want to roll back, or you can try install the Chain Root Cert of this issuer.
  • Nico M
    Nico M over 11 years
    I operate the site and the certificate hasn't changed. Also, the root and intermediate certs are showing as trusted.
  • Nico M
    Nico M over 11 years
    I've just found that Windows Server 2003 SP2 (both IE and Chrome latest versions) are displaying the same errors. Driving me nuts. Anyone have any suggestions?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Chrome - certificate settings in Registry
How to debug ERR_PROXY_CERTIFICATE_INVALID?
Chrome is not accepting my IIS self-signed certificate
Untrusted certificate with Internet Explorer 11
Disable Chrome from checking SSL certificates completely
certificate errors via chrome and IE
Install SSL certificate from an untrusted website into the Certificates snap-in using IE
Is there a way to extract a "private certificate key" from Chrome and import it into Firefox?
Chrome shows site as "Not Secure" (Cert Invalid), but certificate is correct
Unable to use client certificates in Chrome or IE on Windows 10