Share via

Certificate issue. Windows does not have enough information to verify this certificate.

Anonymous
2024-08-03T19:11:48+00:00

I have a website and users report getting this error periodically. I also get it. I happens with various browsers. Clicking "Cancel" works and it doesn't ask again for a while, but then it comes back. How to I stop it from happening?

In the SSL Settings on the server, I have Client Certificates set to Ignore.

I'm running Windows 2019 Server and IIS.3

*** Moved from Windows / Other/Unknown / Security and privacy / Security and privacy ***

Windows for business Windows Server Directory services Certificates and public key infrastructure (PKI)

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-08-05T07:01:32+00:00

    Hi eWhy,

    Thank you for posting in the Microsoft Community Forums.

    Here are some steps to resolve this issue:

    1. Check the validity of the SSL certificate

    Verify the certificate expiration date: Ensure that the SSL certificate has not expired.

    Check the Certificate Authority: Make sure the certificate was issued by a trusted Certificate Authority (CA).

    1. Check the integrity of the certificate chain

    Export and view the certificate chain: In IIS Manager, open Server Certificates, locate the relevant certificates and export them (including all certificate paths). Then open the exported file in the Certificate Viewer and check if any intermediate certificates are missing.

    Ensure that all intermediate certificates are installed: If intermediate certificates are missing from the certificate chain, they need to be imported into the Trusted Root Certification Authorities or Intermediate Certification Authorities store on the server. Authorities on the server.

    1. Configure IIS to use the correct certificates

    Bind the certificate in IIS: Ensure that the site has the correct SSL certificate bound in IIS. In the IIS Manager, select the site, click Bind, make sure the HTTPS binding is set up correctly, and that the correct certificate is selected.

    Check Application Pool Configuration: Ensure that the application pool is configured correctly, especially if the website relies on a specific .

    1. Browser and Client Settings

    Clear Browser Cache: Sometimes old certificate information in the browser cache can cause validation issues. Try clearing the browser cache or resetting the browser settings.

    Check Client Certificate Settings: Although you mentioned that the client certificate setting is set to Ignore, make sure that this is the correct setting and that no other security software or browser plug-ins are interfering with the validation of the SSL certificate.

    1. Check Event Viewer and IIS Logs

    Check Event Viewer: Look for error or warning messages related to the SSL certificate in the Windows Event Viewer, which may provide additional clues about the problem.

    Analyze IIS logs: IIS logs may contain detailed information about SSL handshake failures, which can help diagnose the problem.

    1. Updates and Patches

    Ensure that the server and IIS are up to date: IIS are installed with the latest updates and patches.

    Best regards

    Neuvi Jiang

    0 comments