locked
Certificate Error RRS feed

  • Question

  • I am trying to get my WHS server setup for the first time. When I browse to the WHS web site from any computer on the network I get a Certificate Error from IE. On the error page, I am given a choice to continue on to the web site. If I click that link I am taken directly to my WHS web site. The address bar in IE is red and there is a new box with "Certificate Error" at the end of the address bar. I have looked at the WHS web site properties and there seems to be two certificates in the Certificate store. One for the machenie name ( HOMESERVER ) issued by some GUID number and one for the Windows Live Domain ( orgbrat.homeserver.com ) issued by GO Daddy. The HOMESERVER certificate is the one assigned to the WHS web site. I thought the GO Daddy certificate would be the one assigned to the web site. Can someone tell me why I am getting the "Certificate Error?

    Orgbrat

     

    Sunday, February 10, 2008 8:25 PM

Answers

  • Have you actually tried to access the box from outside?  Or, are you just going off of internal testing?
    TCP/4125 isn't required for basic website functionality (for that matter, neither is TCP/80.)  So long as, at a minimum, TCP/443 is open, you can access the site via https://yourname.homeserver.com (note that's https, not http.)  Generally, it's best to use the SSL address, as sometimes either IIS or your ISP doesn't do the redirect (from http:  to httpsSmile correctly.
    TCP/4125 (WHS Remote Desktop Proxy) is only required for remote computer access.

     

    Also, most people around here sweat by Shields Up! for reliable port-forwarding testing.  Might want to give that a try, make sure that what you're using is accurate.

    Tuesday, February 12, 2008 4:11 AM

All replies

  • If you're connecting to http://servername, (rather than http://yoursite.homeserver.com) this is normal behavior:  the Go Daddy cert was installed via Windows Update, and fixes the problem of getting a cert error when connecting to your WHS page from the internet.  The side effect is getting a cert error when connecting to your server's site by machine name.

     

    Do you still get the cert error when you connect to your .homeserver.com site from outside your house?

    Monday, February 11, 2008 4:42 AM
  • Hi Chris,

          Thanks for answering. Yes the error is when I use http://servername. I have yet to get the outside access working yet.

    I have a Motorola VT2542 Voice Gateway which is the Motorola 4 port router with 2 additional ports for Vonage voice and my ISP is Comcast. I am having a problem that I believe is being caused by Comcast. I am unable to get port 4125 thru.

    I have checked and rechecked my port forwarding in the router and I think they are correct. I have been using CanYouSeeMe.org to check if the ports are open. Ports 443 and 80 are open but port 4125 shows connection refused. I have went so far as to add the homeserver's IP into the router's DMZ which as I understand puts the server wide open to the internet and still port 4125 is refused. This is why I believe my problem to be Comcast. Do you or anyone on here have any suggestions for this problem?

     

    Orgbrat

     

    Tuesday, February 12, 2008 2:51 AM
  • Have you actually tried to access the box from outside?  Or, are you just going off of internal testing?
    TCP/4125 isn't required for basic website functionality (for that matter, neither is TCP/80.)  So long as, at a minimum, TCP/443 is open, you can access the site via https://yourname.homeserver.com (note that's https, not http.)  Generally, it's best to use the SSL address, as sometimes either IIS or your ISP doesn't do the redirect (from http:  to httpsSmile correctly.
    TCP/4125 (WHS Remote Desktop Proxy) is only required for remote computer access.

     

    Also, most people around here sweat by Shields Up! for reliable port-forwarding testing.  Might want to give that a try, make sure that what you're using is accurate.

    Tuesday, February 12, 2008 4:11 AM
  • For your certificate error, could you please go through the live domain setup again? There were apparently some problems with that whole process over the weekend, and a lot of people experienced errors trying to configure a URL.
    Tuesday, February 12, 2008 12:23 PM
    Moderator
  • Hi Chris,

          You were absolutely correct, I can get to the https://yourname.homeserver.com  from the outside world.

    I was going off of internal testing. I can get to the website and into the homeserver console. So everything looks

    ok. I am also not getting the certificate error from the outside. Thanks very much...

     

    Orgbrat

    Tuesday, February 12, 2008 7:27 PM
  • Hi Ken,

    Since I can get into the home server from the outside without the error, do you think going thru the live domain setup again is needed?

     

    Orgbrat

     

    Wednesday, February 13, 2008 4:40 AM
  • Nope. Smile
    Wednesday, February 13, 2008 12:07 PM
    Moderator