I installed a certificate with several common names on a Red Hat server in jks format. The webpage can be accessed using Firefox, and the certificate is imported. However, IE8 gives the error "Internet Explorer cannot display the web page."
I added a certificate with MMC, and its properties show that "this certificate has an odd digital signature." Also, the certificate does not have a web page URL. The certificate has a valid signature in Firefox, and URL mismatches are ignored. How can I get IE8 to accept it. This certificate is required for another application (where it works normally) and cannot be changed except to change the format. I already have it in PKCS12, jks and pem formats.
Suppose you are using Windows XP or Windows Server 2003, and the certificate is using SHA2?
KB Article: Windows Server 2003 and Windows XP clients cannot receive certificates from a Windows Server 2008 Certificate Authority (CA) if the CA is configured to use SHA2 256 or higher , hotfix .
Windows XP / 2003 does not understand SHA-256; why the digital signature is not valid.
Firefox uses its own certificate store, while IE8 uses Windows store. This explains why the certificate may be valid for Firefox and not trusted for IE8.
, , , Windows ( , IE ). , ( ).
. , Windows XP ( SP3) SHA-2.