Recently we renewed our cert for OWA, using Thawte. When we applied the new one we started getting various security errors, including such ones as "Windows does not have enough information to verify this certificate error" and "The security certificate was issued by a company you have not chosen to trust" (see below)".

Now this is Thawte, not some fly-by-night place. And our previous cert had worked just dandy. We were having issues with Outlook, syncing our phones, OWA, etc. So why were we not trusting them?

What I discovered was that in June 2010 Thawte changed their intermediate cert - going to 2048 - which was a good thing. Unfortunately, because the cert we were replacing overlapped that time by over a year we were unaware that the new cert needed a new "Third-Party Root Certificate Authority" cert from Thawte.

Luckily I figured it out, found the appropriate certs on Thawte's site and walked through their simple step by step instructions to install the cert on the hub server. Rebooted the server and bingo! All is happy, happy, joy, joy.

Rather than repeat their instructions I will simply give you the links below:

• New intermediate certs - https://search.thawte.com/support/ssl-digital-certificates/index?page=content&actp=CROSSLINK&id=AR1373
• Instructions for IIS install - https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO15007&actp=search&viewlocale=en_US&searchid=1323051600188

Hope this helps...

I have a feeling that if you are reading this you already have the solution. The reason being is that the symptoms are all rather hidden.

Someone was hosting a website remotely and this morning they could not login to the website in Internet Explorer 8. It worked for Firefox.

I did some troubleshooting and discovered that if they added a wildcarded version of the site (*.mysite.com) to their trusted domains in IE then it worked. Why?

The key to the solution was this little popup that occured when they went to the login page.

It did not occur when the wildcarded site was in the trusted domains.

Delving into the page source I realized that the site was using Ajax callbacks for its login process. Now if you are at all familiar with Ajax you understand that it does everything under the covers. Unlike a standard Postback it does not contact you if there is a problem. It lets you know in your Ajax handler IF you took care of that, but otherwise it simply fails.

In this case what was happening was that when the callback occurred it was running into this prompt and failing, but there was no handling of that.

The solution, of course, is to fix the issue with whatever is on the site that is not secured - ie removing any absolute links...

:)

I encountered a user who was browsing to a webpage that locked up their computer. I kid you not, we had to do a hard reboot, no ctrl-alt-del anything. She was using IE 7 and there were no fancy-schmancy toolbars on there, but I took a looksee at her add-ons as I have found these to not merely be an issue on occasion but even to be where malware has secreted itself.

I noticed an add-on named "jqsiestartdetectorimpl" which referenced jqs_plugin.dll. That is the Sun Java quickstarter file.

Now one of the problems in the whole realm of computers is that with so much competition, vendors do not care if they break your computer as long as they are on top. Who cares if your computer is slower as long as our product launches a microsecond faster. So you end up with a thousand (okay, I exaggerate) little programs sucking up memory because they each are thinking about numero uno. And no, numero uno is NOT you.

So I disabled that add-on and voila!

Note that many of these do NOT need to run for your stuff to work beautifully. And in this case (and others I have run across) all they do is mess up the browser, and possibly freeze the computer.

One nice thing about IE 7 and 8 is that they have a "no add-ons" mode. You can get to it a few ways

1. Start/Run and type "iexplore.exe -extoff" (sans quotes). Note that you will need to reenable any add-ons that you want since this turns them all off.
2. From the Start menu, to into Accessories / System Tools / Internet Explorer (No Add-ons). This will only disable add-ons for the duration of this session.

Note that #2 is better for troubleshooting since it does not turn them off permanently.

Remember - malware likes to hide here, so keep an eye on these.