Difference between revisions of "Import certificate in browser"

Introduction

Proxmox VE uses https (SSL) for it's admin interface and it is imperative that self-signed certificates (safe when used in a trusted LAN) be accessible in MS Internet Explorer.

The Problem

Recently, MS Internet Explorer (versions 8,9,10,11 tested) began providing the Certificate Error warning page without the Continue to Website link like:

This problem surfaced on installing FireFox 31.4.0esr (it now has a successor). This was necessitated with Firefox 35.0.1 being erroneous and all subsequent versions including itself causing a Windows Firewall exception getting created for it and being persistent even after removal of the exception entry.

Solution 1

Follow these steps to clear the certificate error.

• Open Internet Explorer.
• Click on Tools, Internet Options from the menu.
• Click on the Advanced tab and scroll down to the Security section.
• Clear the boxes for:
  • Check for publisher’s certificate revocation
  • Check for server certificate revocation.
• Click Apply and OK.
• Restart the MSIE Browser (and computer if needed) and check the issue.

Can thereafter revert the above as well and it still works! YMMV!

Solution 2

If you have certutil.exe in your system32 folder (Available in the Win 2K3 Server Admin Pack) then the Microsoft KB2661254 issue that raises the minimum RSA key length to 1024 can be alleviated with:

certutil -setreg chain\minRSAPubKeyBitLength 512

and uninstalled with

certutil -delreg chain\MinRsaPubKeyBitLength

For WinXP and others, the registry can be edited to possess the following entry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDLLCreateCertificateChainEngine\Config\
DWORD (32 bit) : MinRSAPubKeyBitLength
value : 512(decimal)

References

• Certificate Import
• IE 10 Missing Continue Option