http -> https certificate how can avoid error ?

Question

User632428103 posted

Hello,

for to begin, sorry but my knowldge with certificate is very basic ..

we have some web service in http ..and after an audit of security we need to pass these url in https.

All right, for to do that, i have a certificate where this certificate is installed on my server.

On IIS, on my web site clic binding select https add port 443 and select the ssl certificate.

On my personnel browser,  if i load the https url that's work but i have an error as said this :

your connection is not secure, you should not enter sensitive data ...

ok, i have exported the certificate from my server and i have installed to my personnel browser.

But if i call the url https i have the same problem ...

How i can avoid this error ?

thanks for your explanation and detail because it's first time i work with certificate

Answer 1

User753101303 posted

Hi,

You should be able to click a button in this message or a "not secure" warning sign in the address bar to have more details about the problem found by the browser.

A self signed certificate is for testing and won't work. Another common problem is using a certificate that doesn't match the intended server name etc... (but you should be able to have the browser telling you about the problem rather than trying to guess).

Or use maybe F12 console which might show also the problem.

Not directly related but once https is up and running you may want to give a try at https://www.ssllabs.com/ssltest/ It allows to see if https is properly configured (or if your site is public give it a try, it maye as well show why a SSL certificate is invalid).

Answer 2

User665608656 posted

Hi jimmy,

your connection is not secure, you should not enter sensitive data ...

This message means that the site uses the HTTP protocol to transmit data to remind users to visit the site cautiously.

HTTP protocol is a plaintext transmission protocol. It can not encrypt the transmission data or verify the integrity of the data, nor can it authenticate. The flaws of HTTP protocol are the important reasons for data leakage, data tampering, traffic hijacking, phishing attacks and other security problems.

All communication data transmitted through HTTP protocol are "naked running" in plaintext in the network. Any third party can easily intercept, steal, tamper with data, or forge the server to deceive users.

HTTPS adds the protocol of SSL/TLS on the basis of HTTP. It relies on the certificate of SSL/TLS to verify the identity of the server, and establishes an "SSL encryption channel" between the client and the server to ensure that the user data is encrypted in the transmission process. At the same time, it prevents the server from being counterfeited by phishing websites and ensures that the client and the server are in an encrypted state. Information exchange between them is always secure.

To solve this issue, you can refer to the following two articles. Before that, you need to know whether you are a website manager or a visitor and solve the problem according to your different roles.

https://www.digicert.com/blog/not-secure-warning-what-to-do/

https://www.digitbin.com/make-not-secure-site-secure-chrome-fix/

Hope these will help you.

Best Regards,

YongQing.

Answer 3

User632428103 posted

Hello patriceSc, yongqing Yu,

yes i'm think we are perhpas the only society who still too some web service in http !!!!

The problem is solve, the problem was the certificat was an hierarchy (root / intermeiary / certificate) and also i place the certificate inside

manager USER certificate and not in manager COMPUTER certificate

Now i can open my chrome browser and navigate to the https WIHTOUT this error ...

Yessssss

thanks for all and so thanks also for the time you spend here i read often some response you give and of course we learn a lot with that.