Need help, someone with win98

Toggle sidebar Toggle sidebar
C

Czar

Lifer
Oct 9, 1999
28,510
0
0
https://193.4.196.100/innkaupakort
go to that link and tell me the error message you get or if you get no errors

for some reason it works in all Win2000 and Winxp machines but in no Win98 machines, tells us that it reqires 128bit encryption pack. The weird thing is that on the Win98 machine I'm testing it on it gives me a dns error.
 
spanky

spanky

Lifer
Jun 19, 2001
25,716
4
81
i went there and get no errors... then i realized i use XP. oops.

ehhh... bump.
 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
it gave me an error on Win2k. Just says that the common name on the certificate doesn't match the address. Probably because you're linking an IP address, and not the domain name of the site.
 
C

Czar

Lifer
Oct 9, 1999
28,510
0
0
Originally posted by: Beau6183
it gave me an error on Win2k. Just says that the common name on the certificate doesn't match the address. Probably because you're linking an IP address, and not the domain name of the site.
Click to expand...
what do you mean?


this is the error I get at my win2k server at home, probably because it lacks the update

The page must be viewed with a high-security Web browser
The page you are trying to view requires the use of a Web browser configured for 128-bit encryption.

--------------------------------------------------------------------------------

Please try the following:

Upgrade your Web browser to the 128-bit version.
If your Web browser does support 128-bit encryption, or if you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the 193.4.196.100 home page.
HTTP 403.5 - Forbidden: SSL 128 required
Internet Information Services

--------------------------------------------------------------------------------


 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Originally posted by: Czar
Originally posted by: Beau6183
it gave me an error on Win2k. Just says that the common name on the certificate doesn't match the address. Probably because you're linking an IP address, and not the domain name of the site.
Click to expand...
what do you mean?


this is the error I get at my win2k server at home, probably because it lacks the update

The page must be viewed with a high-security Web browser
The page you are trying to view requires the use of a Web browser configured for 128-bit encryption.

--------------------------------------------------------------------------------

Please try the following:

Upgrade your Web browser to the 128-bit version.
If your Web browser does support 128-bit encryption, or if you believe you should be able to view this directory or page, please contact the Web site administrator by using the e-mail address or phone number listed on the 193.4.196.100 home page.
HTTP 403.5 - Forbidden: SSL 128 required
Internet Information Services

--------------------------------------------------------------------------------
Click to expand...


When you register for a SSL certificate, the common name (or the full domain name of the website you will be using SSL on, ie: www.yourdomain.com or secure.mydomain.com) is used to make sure that the site using it is indeed the one that it was mean for. If it differs (like yours does with the IP address != domain name) then it will give a security alert. Try using the domain name.


Also, your server is not scaling the security down. It is requiring 128bit encryption. AFAIK 128 bit was an american standard, and was difficult/illegal to use outside of the US untill a year or two ago. Go to M$'s website and download the 128bit encryption pack for win98.
 
C

Czar

Lifer
Oct 9, 1999
28,510
0
0
Originally posted by: Beau6183
When you register for a SSL certificate, the common name (or the full domain name of the website you will be using SSL on, ie: www.yourdomain.com or secure.mydomain.com) is used to make sure that the site using it is indeed the one that it was mean for. If it differs (like yours does with the IP address != domain name) then it will give a security alert. Try using the domain name.


Also, your server is not scaling the security down. It is requiring 128bit encryption. AFAIK 128 bit was an american standard, and was difficult/illegal to use outside of the US untill a year or two ago. Go to M$'s website and download the 128bit encryption pack for win98.
Click to expand...
makes sense, but why does it work for me here? and for everyone at the company?

the reason for this is that there are some people in another town who need access to it and they are using stupid win98 on a company network!!
rolleye.gif
 
iamwiz82

iamwiz82

Lifer
Jan 10, 2001
30,772
13
81
they released 128bit all over the place now?? I know as of just a few months ago, it was still 40bit. The company i work for is global and we have had to deal with that. Currently our WAN still runs at 40bit on their side.
 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Originally posted by: Czar
Originally posted by: Beau6183
When you register for a SSL certificate, the common name (or the full domain name of the website you will be using SSL on, ie: www.yourdomain.com or secure.mydomain.com) is used to make sure that the site using it is indeed the one that it was mean for. If it differs (like yours does with the IP address != domain name) then it will give a security alert. Try using the domain name.


Also, your server is not scaling the security down. It is requiring 128bit encryption. AFAIK 128 bit was an american standard, and was difficult/illegal to use outside of the US untill a year or two ago. Go to M$'s website and download the 128bit encryption pack for win98.
Click to expand...
makes sense, but why does it work for me here? and for everyone at the company?

the reason for this is that there are some people in another town who need access to it and they are using stupid win98 on a company network!!
rolleye.gif
Click to expand...

The domain name/common name/IP error shouldn't deny access to the site, just show an error.

The error you described needs to have the 128bit pack. Like I said, it was an american standard and wasn't available till a couple of years ago. Win2k and XP came with it already installed. NT 4 needs SP3 128 or higher. 9X/NT4 didn't ship with 128bit encryption compatibility.

just have them go to WindowsUpdate and download the roll up pack.
 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Originally posted by: iamwiz82
they released 128bit all over the place now?? I know as of just a few months ago, it was still 40bit. The company i work for is global and we have had to deal with that. Currently our WAN still runs at 40bit on their side.
Click to expand...

I'm pretty sure they did. I may be mistaken, though.
 
iamwiz82

iamwiz82

Lifer
Jan 10, 2001
30,772
13
81
Originally posted by: Beau6183
Originally posted by: iamwiz82
they released 128bit all over the place now?? I know as of just a few months ago, it was still 40bit. The company i work for is global and we have had to deal with that. Currently our WAN still runs at 40bit on their side.
Click to expand...

I'm pretty sure they did. I may be mistaken, though.
Click to expand...

yep, you are correct. Looks like it just happened. It is still illegal in US embargoed countries.
 
C

Czar

Lifer
Oct 9, 1999
28,510
0
0
Originally posted by: Beau6183

The domain name/common name/IP error shouldn't deny access to the site, just show an error.

The error you described needs to have the 128bit pack. Like I said, it was an american standard and wasn't available till a couple of years ago. Win2k and XP came with it already installed. NT 4 needs SP3 128 or higher. 9X/NT4 didn't ship with 128bit encryption compatibility.

just have them go to WindowsUpdate and download the roll up pack.
Click to expand...
thats what it shows on my win2k machine at home, works on winxp and win2k machiens at work but the "only" win98 machine here doesnt even connect to it, just gives me a dns error but other ssl sites work (though not sure if they are using 40 or 128bit)

That win98 has all the updates from microsoft.

 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Originally posted by: Czar
Originally posted by: Beau6183

The domain name/common name/IP error shouldn't deny access to the site, just show an error.

The error you described needs to have the 128bit pack. Like I said, it was an american standard and wasn't available till a couple of years ago. Win2k and XP came with it already installed. NT 4 needs SP3 128 or higher. 9X/NT4 didn't ship with 128bit encryption compatibility.

just have them go to WindowsUpdate and download the roll up pack.
Click to expand...
thats what it shows on my win2k machine at home, works on winxp and win2k machiens at work but the "only" win98 machine here doesnt even connect to it, just gives me a dns error but other ssl sites work (though not sure if they are using 40 or 128bit)

That win98 has all the updates from microsoft.
Click to expand...

What is the exact DNS error you are getting?
 
T

tcsenter

Lifer
Sep 7, 2001
18,949
573
126
I am running Win98SE with IE5.5SP1 128bit encryption pack and I get the same error.

-------begin--------

The page cannot be displayed

The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.

Please try the following:

Click the Refresh button, or try again later.

If you typed the page address in the Address bar, make sure that it is spelled correctly.

To check your connection settings, click the Tools menu, and then click Internet Options. On the Connections tab, click Settings. The settings should match those provided by your local area network (LAN) administrator or Internet service provider (ISP).

If your Network Administrator has enabled it, Microsoft Windows can examine your network and automatically discover network connection settings.

If you would like Windows to try and discover them,
click Detect Network Settings

Some sites require 128-bit connection security. Click the Help menu and then click About Internet Explorer to determine what strength security you have installed.

If you are trying to reach a secure site, make sure your Security settings can support it. Click the Tools menu, and then click Internet Options. On the Advanced tab, scroll to the Security section and check settings for SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0.

Click the Back button to try another link.

Cannot find server or DNS Error
Internet Explorer

---------end---------
 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Okay, just go to the IIS control panel, site properties, security, and uncheck "Require 128 bit encryption"

Just make sure to redirect all requests to a secure address to ensure that they are using SSL (beit 40bit, 64, or 128).

You can do this by checking to make sure that they are on port 443 (default SSL port) using the servervariables object.
 
C

Czar

Lifer
Oct 9, 1999
28,510
0
0
Originally posted by: Beau6183
Okay, just go to the IIS control panel, site properties, security, and uncheck "Require 128 bit encryption"

Just make sure to redirect all requests to a secure address to ensure that they are using SSL (beit 40bit, 64, or 128).

You can do this by checking to make sure that they are on port 443 (default SSL port) using the servervariables object.
Click to expand...
think its the redirect problem, I tried disableing the 128bit reqirement and that didnt work.

how do I check if the redirect is correct?
 
B

Beau

Lifer
Jun 25, 2001
17,730
0
76
www.beauscott.com
Originally posted by: Czar
Originally posted by: Beau6183
Okay, just go to the IIS control panel, site properties, security, and uncheck "Require 128 bit encryption"

Just make sure to redirect all requests to a secure address to ensure that they are using SSL (beit 40bit, 64, or 128).

You can do this by checking to make sure that they are on port 443 (default SSL port) using the servervariables object.
Click to expand...
think its the redirect problem, I tried disableing the 128bit reqirement and that didnt work.

how do I check if the redirect is correct?
Click to expand...

On the sites i work with, I usually just have a couple of URL handling scripts. Here's one in ASP/VBS (you'll have to convert it to JSP :p):

Sub ForceSSL()
     If Request.ServerVariables("SERVER_PORT") = 80 Then
          Dim strSecureURL
          strSecureURL = "https://"
          strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
          strSecureURL = strSecureURL & Request.ServerVariables("URL")
          If Trim(Request.QueryString & "") <> "" Then
               strSecureURL = strSecureURL & "?" & Request.QueryString & "&"
          End If
          If Trim(Request.Form & "") <> "" Then
               If Right(strSecureURL, 1) = "&" Then
                    strSecureURL = strSecureURL & Request.Form
               Else
                    strSecureURL = strSecureURL & "?" & Request.Form
               End If
           End If                    
           Response.Redirect strSecureURL
     End If
End Sub
 
911paramedic

911paramedic

Diamond Member
Jan 7, 2002
9,448
1
76
I have XP Pro and an alert came up saying "ok to go to non-secure site?, blah blah, blah"

My guess is that 98 is set not to go to non-secure sites by default in the settings.

As far as people getting through, it may be your proxy server (if you have one) and has cached the page. After I accepted it once and then closed the window, the next time I went to the site I did not get the alert.

But I am nuts, so who knows...
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom