Re: Strange SSL Issue

From: Brian (pbjason9_at_covad.net)
Date: 09/11/03

  • Next message: Ulrich Boche: "Re: Strange SSL Issue" 
    Date: Wed, 10 Sep 2003 21:20:24 -0700

    Abu,

    Sounds really interesting...

    Have you checked to see if the server certificates have the same serial
    number (the last certificates in chain)? Just off the top of my head i'm
    wondering if there are multiple servers (i.e. load balanced) that each have
    different certs and one of the certs was issued by an expired CA. I'm
    assuming you're not the web admin?

    Probably a shot in the dark but you never know... I've seen all kinds of
    weird things dealing with PKI/SSL/etc...

    B

    "Abu Muhammad" <calling_saad@hotmail.com> wrote in message
    news:ad09d363.0309101312.574c4b9@posting.google.com...
    > To all the gurus out there,
    >
    > My program (in house built) is connecting to a webserver
    > (Netscape-Enterprise/6.0) on port 443 and after the handshake getting
    > the certificate (root certificate authority in GTE CyberTrust) and
    > printing the cert-chain information.
    >
    > From two different boxes I am getting two different certificates from
    > the same server.
    >
    > Basically when I connect from box A the server sends me a
    > certificate-chain which has 3 certificates in the certificate chain
    > and the root certificate (GTE Cyber Trust) has expired on Fri Dec 31
    > 18:59:00 1999
    >
    > when I connect from box B the server sends me a certificate-chain,
    > which has 3 certificates in the certificate chain, and the root
    > certificate (GTE CyberTrust) has expiration date of 2006 (which is the
    > right date).
    >
    > Except for the last certificate on the chain all the other
    > certificates are identical.
    >
    >
    > Have anyone heard about something like this? What can cause this
    > issue?
    >
    >
    > Thanks
    >
    > AM.

  • Next message: Ulrich Boche: "Re: Strange SSL Issue"

    Relevant Pages

    • Re: Secure VPN access
      ... with it's security option for the client. ... After getting the VPN connection I check the Ip settings and found the ... point to the head ISP's DNS server. ... > Computer certificates for L2TP/IPSec VPN connections ...
      (microsoft.public.windows.server.sbs)
    • RE: L2TP/IPSEC site-to-site question
      ... seems more difficult on Windows and Isa 2000 mix, ... If I want to use certificates what type I have to use? ... > site-to-site VPN connection. ... > Site-to-Site VPN in ISA Server 2004 ...
      (microsoft.public.isa)
    • Re: Vista wireless using IAS and WPA-Enterprise
      ... certificates, which may be more than the limit that the IAS server can send ... on a Web site or if you use IAS in Windows Server 2003 ... Vista wireless using IAS and WPA-Enterprise ...
      (microsoft.public.windows.server.networking)
    • RE: L2TP/IPSEC site-to-site question
      ... Microsoft Internet Security and Acceleration (ISA) Server 2004 ... >site-to-site vpn connection. ... >My concerns are about the certificates part. ...
      (microsoft.public.isa)
    • Re: IAS EAP (PEAP)
      ... > IAS is registered with AD so I am okay there. ... If you create the server cert using the information below, ... Use this procedure to configure IAS server certificates for use with PEAP ...
      (microsoft.public.internet.radius)