- When browsing to SDMS WebVision, IE displays an error message indicating that a certificate is not trusted
- NuGenesis 8 SDMS SR2
The SSL certificate used by the SDMS Web server does not pass Internet Explorer's validation checks.
FIX or WORKAROUND
Each SDMS Web server must have a valid certificate assigned to it in Microsoft IIS. The certificate must be:
- Issued by a Certificate Authority (CA); that is, it must NOT be a self-signed certificate
- Issued by a CA that the client can access, whether managed internally or by a third-party company
- Valid for the current time period
- Issued to the server's fully qualified domain name
Internet Explorer categorically marks all self-signed certificates as untrusted.
If the "issued to" field in the certificate does not match the server name as entered into the URL, IE will not trust the certificate. In most cases, the "issued to" name must be the server's fully qualified name, and the server name in the URL must be the fully qualified name. If the SDMS servers are load-balanced and share a common name, the certificate must be issued to the name of the load balancer, and added to IIS for each SDMS Web server in the pool.
Waters does not issue certificates for NuGenesis Web servers.
To add a certificate to IIS or to add an SSL certificate to the HTTPS binding, see the article How to configure a NuGenesis web server for HTTPS.