none
IE7: Still no green bar on EV SSL certs RRS feed

  • Question

  • Only when resetting the IE7 settings does the green bar work, but the moment any advanced setting is changed, such as 'show image download placeholder' or disabling ClearType, then https://www.paypal.com/ and other EV-SSL websites do no longer show green adresbar, but the plain padlock only.

    Just updated again to latest root-certificate updates, but still no go.

    Starting IE7 without any Add-Ons doesn't help either.

    It's having this behaviour on 3 different Windows XP-SP2 installations now.

    Tuesday, March 20, 2007 9:25 AM

Answers

  • Actually that has nothing to do with it, and I've already solved it myself (just forgot about this ticket).

     

    Internet Options -> Advanced -> enable "Check for server certificate revocation *"

     

    This is the crucial option that allows IE7 to show the green bar on EV-SSL certificate websites.

     

    Some IE6 -> IE7 upgrades don't have have that setting enabled.

     

    I've got Phishing filter totally disabled, because it's a waste of resources for me, I can detect a phishing website a mile away blindfolded, so no need to query some external server to tell me that.

    Tuesday, November 6, 2007 11:30 PM

All replies

  • I'm having this same issue.  It seems to be affected onall machines in our corp.

     

     

    Tuesday, April 10, 2007 2:53 PM
  • In order for the Green Bar to appear you MUST have the Phishing filter option set to "Turn on automatic website checking".  The green bar indicates that the site has an EV cert AND has been verified not to be a phishing site.

     

    Tuesday, November 6, 2007 2:49 PM
  • Actually that has nothing to do with it, and I've already solved it myself (just forgot about this ticket).

     

    Internet Options -> Advanced -> enable "Check for server certificate revocation *"

     

    This is the crucial option that allows IE7 to show the green bar on EV-SSL certificate websites.

     

    Some IE6 -> IE7 upgrades don't have have that setting enabled.

     

    I've got Phishing filter totally disabled, because it's a waste of resources for me, I can detect a phishing website a mile away blindfolded, so no need to query some external server to tell me that.

    Tuesday, November 6, 2007 11:30 PM
  • Funny.  I get green bars with that option NOT being selected.  I wonder if it is one or the other.  The site needs ot have an EV cert and either be verified not on the phishing list or verified to not have a revoked certificate.  I definitely can get the green bar to work not work by toggling the anti-phishing prefernces.

     

    Wednesday, November 7, 2007 9:37 PM
  • Yes.  That seems to be it.  You will get the green bar unless you have both of those options turned off.  So, I am going with the check fro certificate revocation as I prefer not to tell Microsoft about every URL I visit.  Thank you very much! :-)

    Wednesday, November 7, 2007 9:42 PM