Tag Archives: SSL Certificate

how to view the certificate chain in IE

Leave a reply
Issue:  You need to determine what certificates are being used in a client SSL connection (HTTPS://) Solution: Review the certificate chain to see the Root, Intermediate, and SSL certificates being used in the connection. Procedure: 1) Click the lock icon in the address bar and the Website Identification window will open.  Click "View Certificates" 2) click the Certification Path tab to view the certificate chain.  Then select the certificate you'd like to view and click "View Certificate" Read more [...]

USERTrust intermediate certificate malformed

Leave a reply
Issue: Users receive errors USERTrust Legacy Secure Server CA is malformed or invalid.  IE users may receive error: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site’s security certificate". Example of USERTrust malformed certificate error in Chrome connecting to OWA: Cause: The USERTrust intermediate cert issued by Comodo references an Entrust.net root cert that does not meet the new 2048-bit requirements. Ramifications: As Read more [...]

how to import an intermediate certificate

Leave a reply
Many third party certificates require an intermediate certificate reside in your certificate store.  These instructions will walk you through the import process.  The examples are for GoDaddy but apply to many other certificate providers. 1) Download the intermediate certificate from your certificate authority (GoDaddy, etc). 2) Open the mmc console (start, run, mmc) 3) click File > Add/Remove Snap-in... 4) select Certificates 5) select Computer account 6) certificates > All Tasks > Read more [...]

Exchange 2013 SSL certificate request step by step

1 Reply
Exchange 2013 includes a self signed SSL Certificate to facilitate SSL encryption. However, this self-signed cert is not recognized by web browsers and mobile devices and will cause security warnings and connection failures.  The solution is to utilize an SSL certificate from a recognized third-party certificate provider (like GoDaddy, NameCheap, Etc).  If you haven't purchased a new cert yet, here is my quick guide to dependable and cheap ssl certificates. How to create a new certificate request Read more [...]

Setup TLS on inbound email from specific domains – IronPort

4 Replies
Issue: You would like to require (or attempt) TLS encryption on inbound email communications from specific partner email domains. Solution Snippet: In this walkthrough we will be creating a partner Sender Group and Mail a Flow Policy that prefers or requires TLS encrypted communication. Solution Walkthrough Create a new Mail Flow Policy called "TLS_Required_Policy" click Mail Policies > Mail Flow Policies click the Add Policy button put TLS_Required_Policy in the Name field Scroll down Read more [...]