SSL problem using Macintosh browser

Discussion in 'ASP .Net Security' started by Bob Skutnick, Dec 17, 2003.

  1. Bob Skutnick

    Bob Skutnick Guest

    Greetings,
    I'm hoping someone has experienced a problem I'm having:

    I have an existing ASP application (working fine) that
    uses an SSL server certificate. My user community is made
    up of both PC's and Macintosh computers.

    I've re-written this application in ASP.NET for a number
    of reasons and now find that my Mac users are having
    problems with the application. SSL works just fine for PC
    users, won't work for Mac users (browser is Internet
    Explorer). When a Mac user tries to login to my
    application using SSL (https://) the browser produces an
    error saying "Security failure, a secure connection could
    not be established". Mac users can use the site/app
    without SSL (http://)

    This is the same server and site and server certificate
    that was used with the ASP app. Is there a problem
    using "server.transfer()" when SSL is part of the
    equation? Any special web.config issues?

    I'm truly stumped on this one... Thanks so much for any
    assistance.

    Bob Skutnick
     
    Bob Skutnick, Dec 17, 2003
    #1
    1. Advertising

  2. Bob Skutnick

    rmac Guest

    The certificate gets installed automatically to the pc's
    in your domain. You must install the DER certificate
    manually on the Macs by going to your certificate server:
    http://certsrvname/certsrv/

    This is what worked for me.

    HTH


    >-----Original Message-----
    >Greetings,
    >I'm hoping someone has experienced a problem I'm having:
    >
    >I have an existing ASP application (working fine) that
    >uses an SSL server certificate. My user community is made
    >up of both PC's and Macintosh computers.
    >
    >I've re-written this application in ASP.NET for a number
    >of reasons and now find that my Mac users are having
    >problems with the application. SSL works just fine for PC
    >users, won't work for Mac users (browser is Internet
    >Explorer). When a Mac user tries to login to my
    >application using SSL (https://) the browser produces an
    >error saying "Security failure, a secure connection could
    >not be established". Mac users can use the site/app
    >without SSL (http://)
    >
    >This is the same server and site and server certificate
    >that was used with the ASP app. Is there a problem
    >using "server.transfer()" when SSL is part of the
    >equation? Any special web.config issues?
    >
    >I'm truly stumped on this one... Thanks so much for any
    >assistance.
    >
    >Bob Skutnick
    >
    >
    >.
    >
     
    rmac, Dec 17, 2003
    #2
    1. Advertising

  3. Bob Skutnick

    Bob Skutnick Guest

    I'm a bit confused. This is not an intranet but an
    internet app. Old ASP version never required installing
    cedrtificates manually??

    Bob

    >-----Original Message-----
    >The certificate gets installed automatically to the pc's
    >in your domain. You must install the DER certificate
    >manually on the Macs by going to your certificate

    server:
    >http://certsrvname/certsrv/
    >
    >This is what worked for me.
    >
    >HTH
    >
    >
    >>-----Original Message-----
    >>Greetings,
    >>I'm hoping someone has experienced a problem I'm having:
    >>
    >>I have an existing ASP application (working fine) that
    >>uses an SSL server certificate. My user community is

    made
    >>up of both PC's and Macintosh computers.
    >>
    >>I've re-written this application in ASP.NET for a

    number
    >>of reasons and now find that my Mac users are having
    >>problems with the application. SSL works just fine for

    PC
    >>users, won't work for Mac users (browser is Internet
    >>Explorer). When a Mac user tries to login to my
    >>application using SSL (https://) the browser produces

    an
    >>error saying "Security failure, a secure connection

    could
    >>not be established". Mac users can use the site/app
    >>without SSL (http://)
    >>
    >>This is the same server and site and server certificate
    >>that was used with the ASP app. Is there a problem
    >>using "server.transfer()" when SSL is part of the
    >>equation? Any special web.config issues?
    >>
    >>I'm truly stumped on this one... Thanks so much for any
    >>assistance.
    >>
    >>Bob Skutnick
    >>
    >>
    >>.
    >>

    >.
    >
     
    Bob Skutnick, Dec 17, 2003
    #3
  4. Bob Skutnick

    rmac Guest

    My mistake. Our Mac OS 9 users had experienced the same
    error message as you after I had secured the site. I
    wasn't using a trusted certificate. When I installed the
    certificate they were able to establish a secure
    connection.

    >-----Original Message-----
    >I'm a bit confused. This is not an intranet but an
    >internet app. Old ASP version never required installing
    >cedrtificates manually??
    >
    >Bob
    >
    >>-----Original Message-----
    >>The certificate gets installed automatically to the pc's
    >>in your domain. You must install the DER certificate
    >>manually on the Macs by going to your certificate

    >server:
    >>http://certsrvname/certsrv/
    >>
    >>This is what worked for me.
    >>
    >>HTH
    >>
    >>
    >>>-----Original Message-----
    >>>Greetings,
    >>>I'm hoping someone has experienced a problem I'm having:
    >>>
    >>>I have an existing ASP application (working fine) that
    >>>uses an SSL server certificate. My user community is

    >made
    >>>up of both PC's and Macintosh computers.
    >>>
    >>>I've re-written this application in ASP.NET for a

    >number
    >>>of reasons and now find that my Mac users are having
    >>>problems with the application. SSL works just fine for

    >PC
    >>>users, won't work for Mac users (browser is Internet
    >>>Explorer). When a Mac user tries to login to my
    >>>application using SSL (https://) the browser produces

    >an
    >>>error saying "Security failure, a secure connection

    >could
    >>>not be established". Mac users can use the site/app
    >>>without SSL (http://)
    >>>
    >>>This is the same server and site and server certificate
    >>>that was used with the ASP app. Is there a problem
    >>>using "server.transfer()" when SSL is part of the
    >>>equation? Any special web.config issues?
    >>>
    >>>I'm truly stumped on this one... Thanks so much for any
    >>>assistance.
    >>>
    >>>Bob Skutnick
    >>>
    >>>
    >>>.
    >>>

    >>.
    >>

    >.
    >
     
    rmac, Dec 18, 2003
    #4
  5. Bob Skutnick

    Bob Skutnick Guest

    I'm still unclear about "installing the certificate". My
    experience with SSL is light. I have a certificate I've
    purchased from GeoTrust. It installs on the web server. I
    enable SSL for the site on the server and the internet
    users go the site using HTTPS: and SSL kicks in. Nothing
    (installed) was required on the internet users end in the
    past???

    Thanks much.
    Bob

    >-----Original Message-----
    >My mistake. Our Mac OS 9 users had experienced the same
    >error message as you after I had secured the site. I
    >wasn't using a trusted certificate. When I installed the
    >certificate they were able to establish a secure
    >connection.
    >
    >>-----Original Message-----
    >>I'm a bit confused. This is not an intranet but an
    >>internet app. Old ASP version never required installing
    >>cedrtificates manually??
    >>
    >>Bob
    >>
    >>>-----Original Message-----
    >>>The certificate gets installed automatically to the

    pc's
    >>>in your domain. You must install the DER certificate
    >>>manually on the Macs by going to your certificate

    >>server:
    >>>http://certsrvname/certsrv/
    >>>
    >>>This is what worked for me.
    >>>
    >>>HTH
    >>>
    >>>
    >>>>-----Original Message-----
    >>>>Greetings,
    >>>>I'm hoping someone has experienced a problem I'm

    having:
    >>>>
    >>>>I have an existing ASP application (working fine)

    that
    >>>>uses an SSL server certificate. My user community is

    >>made
    >>>>up of both PC's and Macintosh computers.
    >>>>
    >>>>I've re-written this application in ASP.NET for a

    >>number
    >>>>of reasons and now find that my Mac users are having
    >>>>problems with the application. SSL works just fine

    for
    >>PC
    >>>>users, won't work for Mac users (browser is Internet
    >>>>Explorer). When a Mac user tries to login to my
    >>>>application using SSL (https://) the browser produces

    >>an
    >>>>error saying "Security failure, a secure connection

    >>could
    >>>>not be established". Mac users can use the site/app
    >>>>without SSL (http://)
    >>>>
    >>>>This is the same server and site and server

    certificate
    >>>>that was used with the ASP app. Is there a problem
    >>>>using "server.transfer()" when SSL is part of the
    >>>>equation? Any special web.config issues?
    >>>>
    >>>>I'm truly stumped on this one... Thanks so much for

    any
    >>>>assistance.
    >>>>
    >>>>Bob Skutnick
    >>>>
    >>>>
    >>>>.
    >>>>
    >>>.
    >>>

    >>.
    >>

    >.
    >
     
    Bob Skutnick, Dec 18, 2003
    #5
  6. Bob Skutnick

    rmac Guest

    Is this a new certificate? Maybe the Macs don't have this
    certificate listed in the trusted store and the PC's do. I
    do know that the company's certificate must be listed in
    the ROOT store. If you have a Mac look in the trusted
    store and see if you see this company's certificate
    listed. To do this open IE. Then Edit>Preferences then
    click "Security" under the "Web" category. This works for
    Mac OS 8.6 and 9. I don't know about OS X. This is the
    only reason I can think of that would explain your
    problem. I don't have a lot of experience with
    certificates either and, as far as Macs are concerned I
    have found very little documentation on them.

    Windows has an update for the ROOT certificate store for
    pc's on their Windows Update site. I don't have any info
    on updating Macs root store.

    I am using VeriSign's certificate for one of our sites and
    it establishes the secure connection. For the certificate
    I issued I had to install the certificate to establish the
    secure connection or I would receive the same error
    message you are receiving.


    >-----Original Message-----
    >I'm still unclear about "installing the certificate". My
    >experience with SSL is light. I have a certificate I've
    >purchased from GeoTrust. It installs on the web server. I
    >enable SSL for the site on the server and the internet
    >users go the site using HTTPS: and SSL kicks in. Nothing
    >(installed) was required on the internet users end in the
    >past???
    >
    >Thanks much.
    >Bob
    >
    >>-----Original Message-----
    >>My mistake. Our Mac OS 9 users had experienced the same
    >>error message as you after I had secured the site. I
    >>wasn't using a trusted certificate. When I installed the
    >>certificate they were able to establish a secure
    >>connection.
    >>
    >>>-----Original Message-----
    >>>I'm a bit confused. This is not an intranet but an
    >>>internet app. Old ASP version never required installing
    >>>cedrtificates manually??
    >>>
    >>>Bob
    >>>
    >>>>-----Original Message-----
    >>>>The certificate gets installed automatically to the

    >pc's
    >>>>in your domain. You must install the DER certificate
    >>>>manually on the Macs by going to your certificate
    >>>server:
    >>>>http://certsrvname/certsrv/
    >>>>
    >>>>This is what worked for me.
    >>>>
    >>>>HTH
    >>>>
    >>>>
    >>>>>-----Original Message-----
    >>>>>Greetings,
    >>>>>I'm hoping someone has experienced a problem I'm

    >having:
    >>>>>
    >>>>>I have an existing ASP application (working fine)

    >that
    >>>>>uses an SSL server certificate. My user community is
    >>>made
    >>>>>up of both PC's and Macintosh computers.
    >>>>>
    >>>>>I've re-written this application in ASP.NET for a
    >>>number
    >>>>>of reasons and now find that my Mac users are having
    >>>>>problems with the application. SSL works just fine

    >for
    >>>PC
    >>>>>users, won't work for Mac users (browser is Internet
    >>>>>Explorer). When a Mac user tries to login to my
    >>>>>application using SSL (https://) the browser produces
    >>>an
    >>>>>error saying "Security failure, a secure connection
    >>>could
    >>>>>not be established". Mac users can use the site/app
    >>>>>without SSL (http://)
    >>>>>
    >>>>>This is the same server and site and server

    >certificate
    >>>>>that was used with the ASP app. Is there a problem
    >>>>>using "server.transfer()" when SSL is part of the
    >>>>>equation? Any special web.config issues?
    >>>>>
    >>>>>I'm truly stumped on this one... Thanks so much for

    >any
    >>>>>assistance.
    >>>>>
    >>>>>Bob Skutnick
    >>>>>
    >>>>>
    >>>>>.
    >>>>>
    >>>>.
    >>>>
    >>>.
    >>>

    >>.
    >>

    >.
    >
     
    rmac, Dec 18, 2003
    #6
  7. In article <0aa601c3c575$e2054eb0$>, "Bob Skutnick"
    <> wrote:
    >I'm still unclear about "installing the certificate". My
    >experience with SSL is light. I have a certificate I've
    >purchased from GeoTrust. It installs on the web server. I
    >enable SSL for the site on the server and the internet
    >users go the site using HTTPS: and SSL kicks in. Nothing
    >(installed) was required on the internet users end in the
    >past???


    If a certificate is automatically trusted by a client program, that means
    that the client program (or the certificate store it references) trusts that
    certificate or the certificate's issuer. Some clients (such as Internet
    Explorer) ship with a list of "trusted roots" - certification authorities
    that we trust to issue certificates to servers. Other clients ship without
    trusted roots, and the user will need to install CAs' certificates to ensure
    that certificates can be trusted by the client.

    Obviously, the CA certificate for the CA that issued your certificate is in
    the default set of trusted roots on the Windows systems, but not in the set
    of trusted roots on the Macs. You can fix this in a number of ways - either
    get the clients to install the CA's certificate, or your certificate, or get
    your server's certificate from a CA that is trusted by more clients.

    Alun.
    ~~~~

    [Please don't email posters, if a Usenet response is appropriate.]
    --
    Texas Imperial Software | Find us at http://www.wftpd.com or email
    1602 Harvest Moon Place | .
    Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
    Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
     
    Alun Jones [MS MVP], Dec 24, 2003
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark
    Replies:
    0
    Views:
    369
  2. Bob Skutnick
    Replies:
    8
    Views:
    564
  3. Vinu
    Replies:
    2
    Views:
    499
    Steve W. Jackson
    Dec 15, 2004
  4. =?Utf-8?B?Q2hyaXMgRGF2b2xp?=

    Macintosh browser buttons disabled.

    =?Utf-8?B?Q2hyaXMgRGF2b2xp?=, Mar 28, 2007, in forum: ASP .Net
    Replies:
    1
    Views:
    389
    Mark Rae
    Mar 28, 2007
  5. Mathieu Maes

    e.layerX problem on Macintosh browsers

    Mathieu Maes, Oct 24, 2008, in forum: Javascript
    Replies:
    18
    Views:
    197
    Thomas 'PointedEars' Lahn
    Oct 29, 2008
Loading...

Share This Page