The identity of this website has not been verified for openssl

google-chrome ssl openssl exchange-server
12,878

This has nothing to do with openssl but is because how SSL/TLS work.

A certificate is like an identification document signed by a trusted entity (like a government). The browsers and operating systems get shipped with a set of trusted entities, the "root CA (certificate agency)". Since your certificate is not signed by any of the built-in trusted entities the browser refuses to trust it and you get this error message. This trust check is essential when validating the certificate. If it would not be done anybody could claim your identity and thus hijack the encrypted connection (man-in-the-middle attack).

So your only options are either to get a certificate from a trusted entity or to add yourself as a trusted entity into each browser and operating system which should be able to access your site. Of course this can only be done for endpoints you control.

Share:
12,878
James123
Author by

James123

Updated on June 04, 2022

Comments

  • James123
    James123 almost 2 years

    I am new to ssl cerifications. I have installed openssl certificate for my exchange server because I don't want to pay to certificate. It is working fine on the server and local network. But when I tried outside the network. I am still getting ssl error on chrome and IE browsers like showing below.

    I don't know openssl works outside the network or not? if not why openssl use of it?. Or I am missing something?

    enter image description here

  • jww
    jww about 9 years
    "...but is because how SSL/TLS work." - its due to the Browsers enforcing CA/B Forum polices, and not SSL/TLS.
  • Steffen Ullrich
    Steffen Ullrich about 9 years
    I think the different roles of the various SSL/TLS standards, the rules of CA/B Browser forum and there interpretation by CA and browsers is way too much detail for somebody which is new to certificates. And the knowledge of this is not even needed to understand the issue. Also, the main aspect of this sentence was to point out that is has nothing to do with openssl.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Fake UserTrust.com Certificates in Chrome?
How can I get Chrome accepting self signed certificates?
Subject Alternative Name Missing & ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Cannot connect to wss with Flutter
Comodo SSL: ERR_CERT_AUTHORITY_INVALID on Chrome mobile and Opera mobile (Android)
LetsEncrypt SSL Error - SSL routines:ssl3_get_record:wrong version number
Error while creating self-signed SSL certificate
OpenSSL Verify Peer (Client) Certificate in C++
SSL/HTTPS client in C
python3 and requests: still getting 'sslv3 alert handshake failure'