Installing Certificates in Internet Explorer
When you first connect to a server using self-signed certs, Internet Explorer will display a warning. When you continue on, a certificate error is shown similar to the following:
If you click the "Certificate Error" text in the address bar, you'll see an explanation with a "View certificates" link at the bottom. That's our goal -- to view the certificate.
When you click "View certificates", a dialog will display information about the SSL certificate. The Certifying Authority (also called a CA Root) certificate need to be installed. Click the "Certification Path" tab, and then select the top certificate shown (THIS IS CRITICAL). That is the CA Root. Note that the certificate names will be different on your machine than what is shown in the screenshot below.
Click the "View Certificate" button near the middle of the dialog. A new dialog opens which shows the CA Root itself. This is the one we need to install. Near the bottom of the new dialog is a button to Install Certificate.
When you click "Install Certificate", a Certificate Import Wizard will start which will help you install the certificate. It's important to install the CA Root certificate into the "Trusted Root Certification Authorities".
Click Next until you get to the Finish button. Once you click Finish, a final confirmation dialog (Security Warning) is displayed to make sure you want to add the new cerificate (this dialog helps insure that a human is doing this action and not some malware).
Now that you've finished the steps above, Internet Explorer will accept the new SSL certificates without displaying an error.
SSL Domain Matching
When the SSL certificate was made, it was created using the computer's name, localhost and 127.0.0.1. In the examples above, that means we could go to https://dnvista or https://localhost or https://127.0.0.1 and the URL would match the server listed in the SSL certificate. If you will always access the web reports using one of the above server names, you can stop now.
Mismatched Address
If your server is accessible via different names or additional IP addresses (perhaps via an external and internal IP address) then the URL won't match the internal server name and the browser will give a Mismatched Address error. This is the same error that occurs if you take the SSL certificate from one server and put it on a different server
One of the best ways to fix this would be to add an entry to your hosts file that maps the server's name to the IP address that you are using to access the server. That will enable the URL to match the certificate.
Comments on this help page? Please contact us with suggestions
