Thank you. We now found a couple of other users which are able to get through to the website, so now some of us can and some of us can't. I'm guessing it has to be in the browsers of those of us who can't, but why would we not be able to access from all browsers (IE, Firefox, Chrome)? I'm extremely confused.
Thanks for all of your help. This has taken a different turn so I think I can take it from here. Larry Cohen On Fri, Jun 26, 2015 at 1:57 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: > That is a generic error message when Chrome does not have a more specific > error to show. > > Something else I would try is to use something like the openssl command > line to verify the certificate. > You can use the command "openssl s_client -connect server_name:443" to > have OpenSSL tell you what certificate is actually being served. > Once it gets to the end of the output, it will appear to hang - it is > actually waiting for input, so you can just stop it. > The output should show you the protocol and ciphers that were in use. > Example: > [image: Inline image 1] > > What does yours say? > > - Y > > > On Fri, Jun 26, 2015 at 1:21 PM, Cohen, Laurence <lco...@novetta.com> > wrote: > >> Thank you. Chrome says "You cannot visit website xxx.yyy.com right now >> because the website sent scrambled credentials that Chrome cannot process. >> I'm not sure where these credentials are coming from, but I'm assuming this >> is the .crt files in httpd/conf/ssl.crt. >> >> Thanks, >> >> Larry >> >> On Fri, Jun 26, 2015 at 1:16 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: >> >>> When Chrome does not show the coninue option, it usually has an >>> additional error message where the button would be that shows more details. >>> For example, this is an HSTS error: >>> http://blogs.msdn.com/cfs-filesystemfile.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-47-13-metablogapi/8446.chrome37_5F00_404325B2.png >>> >>> Microsoft lists several reasons that the continue button would not be >>> shown in IE. >>> http://blogs.msdn.com/b/ieinternals/archive/2014/02/02/10481591.aspx >>> >>> The error page’s *Continue* link is hidden: >>> >>> 1. If the certificate is revoked >>> 2. If the certificate is deemed insecure >>> >>> <http://blogs.msdn.com/b/ieinternals/archive/2012/06/13/windows-internet-explorer-block-rsa-key-shorter-than-1024-bits.aspx> >>> (e.g. >>> contains a 512-bit RSA key) >>> 3. If the page is in a “pinned site” instance >>> >>> <http://blogs.msdn.com/b/ie/archive/2011/03/11/internet-explorer-9-security-part-3-browse-more-securely-with-pinned-sites.aspx> >>> 4. If group policy is set to Prevent Ignoring Certificate Errors >>> >>> >>> The article is old, but I believe these are still correct. >>> Could one of those be your issue? >>> - Y >>> >>> On Fri, Jun 26, 2015 at 1:06 PM, Cohen, Laurence <lco...@novetta.com> >>> wrote: >>> >>>> Thanks for the response Yehuda. Unfortunately Chrome doesn't give me >>>> this error. It just tells me that my connection isn't private. When I >>>> click on advanced there is no option to go forward to the web server like I >>>> get on some of the other servers I work with. >>>> >>>> Larry Cohen >>>> >>>> On Fri, Jun 26, 2015 at 12:33 PM, Yehuda Katz <yeh...@ymkatz.net> >>>> wrote: >>>> >>>>> I have seen this happen when you send an HSTS header. The Chrome error >>>>> would say that specifically. >>>>> A workaround would be to install that certificate on your system (with >>>>> the mmc certificate snap-in) so that it becomes a trusted certificate - >>>>> trusted site in IE is not enough. >>>>> >>>>> - Y >>>>> >>>>> On Fri, Jun 26, 2015 at 10:54 AM, Cohen, Laurence <lco...@novetta.com> >>>>> wrote: >>>>> >>>>>> I have a test server on which we have a self-signed certificate. I >>>>>> get the error "There is a problem with this website's security >>>>>> certificate." which is expected because I'm using a self-signed cert. >>>>>> Normally I click on "Continue to this website (not recommended)." and it >>>>>> goes through to my website without a problem. Now, however, the only >>>>>> thing >>>>>> that happens is that the link mentioned in the last sentence disappears, >>>>>> and I don't get to my website. >>>>>> >>>>>> I'm using IE currently, but I've also tested in Firefox and Chrome >>>>>> and I basically have the same problem. The apache version is 2.2. I >>>>>> looked around for a solution, and I've added my site to the trusted sites >>>>>> as recommended, but it still doesn't work. I looked in the error_log >>>>>> and I >>>>>> don't see anything except a child connecting and then disconnecting right >>>>>> after that. >>>>>> >>>>>> Any suggestions would be appreciated. >>>>>> >>>>>> Thanks, >>>>>> >>>>>> Larry Cohen >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> [image: www.novetta.com] >>>> >>>> Larry Cohen >>>> >>>> System Administrator >>>> >>>> >>>> 12021 Sunset Hills Road, Suite 400 >>>> >>>> Reston, VA 20190 >>>> >>>> Email lco...@novetta.com >>>> >>>> Office 703-885-1064 >>>> >>>> >>> >> >> >> -- >> >> [image: www.novetta.com] >> >> Larry Cohen >> >> System Administrator >> >> >> 12021 Sunset Hills Road, Suite 400 >> >> Reston, VA 20190 >> >> Email lco...@novetta.com >> >> Office 703-885-1064 >> >> > -- [image: www.novetta.com] Larry Cohen System Administrator 12021 Sunset Hills Road, Suite 400 Reston, VA 20190 Email lco...@novetta.com Office 703-885-1064
