stef686 — 2013-04-15T06:19:51-04:00 — #1
We have just installed an SSL certificate on the following domain:
In all browsers apart from IE there are no security warnings and there are no references to insecure pages in the HTML.
In IE on some computers we are seeing the following warning:
There is a problem with this website's security certificate
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
This is only happening on some computers though, we have one computer in the studio this is happening on and another that it is not. (We have checked the computer's clock).
Has anyone come across an issue like this in the past?
technobear — 2013-04-15T06:23:42-04:00 — #2
Are both computers running the same versions of Windows and IE, and are the security settings the same on both?
stef686 — 2013-04-15T06:28:15-04:00 — #3
The on that is working is running IE7 and the one that is giving an error is running IE9. Security settings are the same on both. I am also aware that the client's PC is running IE8 and giving the same error.
andygambles — 2013-04-15T06:46:53-04:00 — #4
It looks like when checking the server Port the Parallels Panel cert is being returned rather than the CA certificate.
Is the website on a shared IP in Parallels?
In Parallels go to the Server IP Settings. Then for the IP used by the domain you need to specify a default certificate. This should be the certificate used by the website. At the moment it is probably "Default Certificate"
Alternatively at server level select the SSL Certificates option. Add your certificate and then select "Make Default Certificate".
If this is shared hosting and you can not do the above at server level then go to Websites & Domains > Show Advanced > Website Scripting and Security under the tick for "Enable SSL Support" make sure your certificate is selected. Otherwise the default certificate as stated above will be loaded.
Some of these options may be named slightly different or in slightly different places depending on your Panel version.
Hope that helps.
stef686 — 2013-04-15T07:01:39-04:00 — #5
Thanks for the advice, I've just logged into Parallels and checked all of these settings. The site is on its own IP address, and within Websites & Domains > Show Advanced > Website Scripting and Security it's SSL certificate is selected. So it shouldn't be loading the Parallels panel cert at all!
andygambles — 2013-04-15T07:13:49-04:00 — #6
Have you checked under Tools & Settings > IP Address > Website IP and then added the certificate as the default for that IP?
stef686 — 2013-04-15T08:20:20-04:00 — #7
That did the trick! Many thanks
andygambles — 2013-04-15T09:07:12-04:00 — #8
Some browsers (such as IE) connect to port 443 on the IP address in order to validate the certificate. In this case the certificate presented was the default Parallels one.
This is caused by the different ways browsers are interpreting SNI.