- IE displays an error message that a certificate is not trusted when browsing to SDMS WebVision.
- NuGenesis 8 SDMS SR2
The SSL certificate as used by the SDMS Web server does not pass Internet Explorer's validation checks.
FIX or WORKAROUND
Each SDMS Web server must have a valid certificate assigned to it in Microsoft IIS. The certificate must be:
- Issued by a Certificate Authority (CA); that is, it must NOT be a self-signed certificate;
- Issued by a CA that the client can access, either one managed internally or by a third-party company;
- Valid for the current time period;
- Issued to the server's fully-qualified domain name.
Internet Explorer categorically marks all self-signed certificates as untrusted.
If the "issued to" field in the certificate does not match the server name as entered into the URL, then IE will not trust the certificate. In most cases, the "issued to" name must be the server's fully-qualified name, and therefore the server name in the URL must be the fully-qualified name. If the SDMS servers are load-balanced and share a common name, then the certificate must be issued to the name of the load balancer, and added to IIS for each SDMS web server in the pool.
Waters does not issue certificates for NuGenesis web servers.
To add a certificate to IIS or to add an SSL certificate to the HTTPS binding, see the article How to configure a NuGenesis web server for HTTPS.