• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

IIS6 SelfSSL

T

tyanni

Senior member
I've created a self signed certificate in IIS6 using SelfSSL on a test server. When I connect from my laptop, which has IE7 installed, it works fine. However, it doesn't work when I try to connect from any machine with IE6. After some troubleshooting, I've discovered that I can connect if I enable TLS 1.0 in IE6, which is enabled by default in IE7.

So, why does IE require TLS to connect to a site which is supposedly secured using SSL? Does SelfSSL actually create a TLS cert (if this even exists) or am I missing something?

Thanks,
Tim
 
Regenerating the cert didn't work. Here is the command I am running -

SSLDiag /selfssl /V:730 /N:CN=mysite.test.com /S:18930566

Certificate appears in the site, and all of the info does look valid. However, if I run SSLDiag, it reports that its found a SSLCertHash and SSLStoreName, but can't find a CertName, Private Key, Subject, Issuer, or Validity. I am not sure if this is because its a self signed cert or a symptom of something bigger. However, if I view the cert from IIS Manager, it does claim I have a corresponding private key.

Thanks!
Tim
 
Does your server have the "System Cryptography: Use FIPS compliant algorithms for encryption, hashing and signing" group policy enabled?

Enabling this will cause IIS to only negotiate TLS.
 
Okay, thats definitely the issue. Part of the role of this test server is to verify compatability with our new GPO structure, which is loosely based on the MS Specialized Security - Limited Functionality Template, which I believe has the FIPS option enabled. The next question then, is where can I go to read up on why TLS is able to be used when an SSL certificate is enabled? I thought TLS was the successor to SSL - does it also use SSL certs?

Thanks for the help so far!

Thanks,
Tim
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top