Re: Trust a cert and cert purpose

From: jenny (jenny_at_discussions.microsoft.com)
Date: 11/11/04 

Date: Thu, 11 Nov 2004 05:54:11 -0800

Thanks all first.

Would like to ask how about the certificate purpose ? How to generate a
cert with a specific purpose instead of <All> ? Thanks.

"Bernard" wrote:

> > Is there anyway that I can bypass the security alert and go to the website
> > directory ?
>
> Error Message: This Security Certificate Was Issued by a Company that You
> Have Not Chosen to Trust
> http://support.microsoft.com/?id=297681
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "jenny" <jenny@discussions.microsoft.com> wrote in message
> news:B146E365-27FB-4759-90AB-D8A3CC3D2115@microsoft.com...
> > Hi all,
> >
> > Would like to ask about SSL certificate.
> >
> > I have a Web Server installed with SSL certificate. The cert is signed by
> a
> > CA created by myself (through MS Cert Server). When I go to the web site
> by
> > https, a security alert prompt saying that the CA is non-trust and I need
> to
> > press "Yes" in order to access the web site.
> >
> > Is there anyway that I can bypass the security alert and go to the website
> > directory ? I can accept one-time installation on workstation level. I
> know I
> > can achieve it by installing the Root trust for that CA so that the client
> > workstation will trust each cert issued by that CA as I've tried it
> > successfully. However, I would be more restrictive that I want to trust
> that
> > cert only. That is, I trust that CA issue the cert to my WebServer ONLY.
> That
> > is, after the on-time installation, I can access that website directory.
> When
> > there is another SSL website installed with a cert signed by my CA also,
> my
> > workstation will prompt the security alert.
> > Or in another word, is there any way to trust the cert instead of trusting
> > the CA ? I've tried to install the cert by click the "Insall certificate"
> > button, but it only install on the intermediate cert. Once I close the IE
> and
> > go to the website again, the security alert prompt. Any solution? Thanks.
> >
> > Also, I have questions on setting the cert purpose:
> > When I select a cert at the IE -> Option -> Content -> Certificate ->
> > highlight any build in cert, the "certificate purpose" display at the
> bottom
> > can be many types: e.g. for email, for server authentication etc.
> > For those cert signed by the CA created by myself (e.g. MS Cert Server),
> the
> > "certificate purpose" is "All". How to configurate the certicate purpose
> > while generate the cert ?
> > Thanks.
>
>
>

Quantcast