Hey Everyone,
I've been trying to research this, but haven't found a clear answer. I host my own web sites for a couple of domains, including some secure areas protected with SSL. I only have 1 public IP, so I have to host everything on 1 box. I've been doing this under Win2k3/IIS6 by setting up virtual sites via host-headers and then for the secure area, I have 1 certificate that is from my own enterprise root CA, and the secure content is only within the default site. This works since any SSL will default to the default web site, where it will find the appropriate certificate.
The problem I've been having is that the response to accept/deny the certificate takes an unusually and inconsistently long time. Since I don't have a certificate from a "trusteds root CA", the box always pops up asking weather I want to accept it or not. THis is fine. But when using IE, it takes a good 30-60 seconds for IIS to respond with that dialog. I've heard that once it discovers that the CA isn't a trusted root CA, it has to time itself out before sending the response. Makes sense...kinda. However I found out today that if I use Opera or Netscape browsers of the latest flavor, it comes back right away!
So my question is this...where does the problem lie? In IIS or IE? I played with some of the security settings in IE with no luck. Due to the number of people using it, I don't think it's worth buying a trusted certificate. Any ideas or insights into this annomoly?
Thanks in advance,
Jazzman
I've been trying to research this, but haven't found a clear answer. I host my own web sites for a couple of domains, including some secure areas protected with SSL. I only have 1 public IP, so I have to host everything on 1 box. I've been doing this under Win2k3/IIS6 by setting up virtual sites via host-headers and then for the secure area, I have 1 certificate that is from my own enterprise root CA, and the secure content is only within the default site. This works since any SSL will default to the default web site, where it will find the appropriate certificate.
The problem I've been having is that the response to accept/deny the certificate takes an unusually and inconsistently long time. Since I don't have a certificate from a "trusteds root CA", the box always pops up asking weather I want to accept it or not. THis is fine. But when using IE, it takes a good 30-60 seconds for IIS to respond with that dialog. I've heard that once it discovers that the CA isn't a trusted root CA, it has to time itself out before sending the response. Makes sense...kinda. However I found out today that if I use Opera or Netscape browsers of the latest flavor, it comes back right away!
So my question is this...where does the problem lie? In IIS or IE? I played with some of the security settings in IE with no luck. Due to the number of people using it, I don't think it's worth buying a trusted certificate. Any ideas or insights into this annomoly?
Thanks in advance,
Jazzman
Facebook
Twitter