URGENT: Problem with certificate on smartphone

Hello
I have a small problem with the SSL certificate from LetsEncript.
The problem only occurs when the homepage is opened on the smartphone. If the message is aborted, the homepage will still be displayed. On a PC/Laptop/MAC everything works without a message.
The following error message appears:

Domain: www.baumelertaxi.ch
Title: No certificates found
Text: The browser has requested a certificate. If you agree to this request, the application can now use this certificate with the servers. DI requesting server has been detected as xxx. Only agree to this request if you trust the application.
You can install certificates from a PKCS#12 file with the file extension .pfx or p12.

Here par Infos about the System (Server)
Windows 2012 R2
IIS 8.5
LetsEntcript: Tool from https://github.com/pkisharp/win-acme (With this tool I only have to say create certificate and for which domain, afterwards the tool does everything itself and enters it in the IIS.)

How can I make the message disappear on the smartphone? Because the message confuses some of the visitors, many do not dare to click on Cancel and leave the homepage again.

Hi @sslzertifikat

I don't see a problem.

Both connections use the same valid Letsencrypt certificate ( https://check-your-website.server-daten.de/?q=baumelertaxi.ch )

CN=baumelertaxi.ch
	25.03.2019
	23.06.2019
expires in 76 days	baumeler-taxi.ch, baumelertaxi.ch, 
taxi-baumeler.ch, taxibaumeler.ch, www.baumeler-taxi.ch, 
www.baumelertaxi.ch, www.taxi-baumeler.ch, 
www.taxibaumeler.ch - 8 entries

the chain is complete

Chain (complete)	
	1	CN=baumelertaxi.ch
	
	2	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US

you use DNSSEC, that's valid

• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 55972, DigestType 1 and Digest "unE+kAMKqbLu+LWsC7hxR4qXS68=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 55972, DigestType 2 and Digest "jsP4+CDraFh/pAWhg2PGF+8kBkk3IFstpqY32dCPS7I=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Yep - checking your site I see the problem.

There is an IIS option "accept client certificates"

Remove that option -> ignore.

1 Like

PS:

IIS Management - SSL Einstellungen / Settings - Client certificates -> don’t choose accept.

If you use “accept”, my FireFox asks.

1 Like

mobile site redirect to different site, and it does request a cert.

Thanks for the answers.

I have found the settings “SSL Settings”, which was written here only at the individual domain.
After adjusting this setting, the message no longer appears on the smartphone.

Can this option NOT be set globally in IIS? Otherwise I’ll have to remember with the next domain I set up SSL that I’ll make the options again.

You can define that global.

Domain -> (up) Sites -> (up) Your Server

there is the same setting.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.