Re: Clients unable to access secure websites

Check out the following link, as it recommends a utility (s_client) for debugging ssl / tls issues, as well as using other tools such as ethereal or ssldump:

http://www.securityfocus.com/infocus/1818

--
Kevin Weilbacher [SBS MVP]
"The days pass by so quickly now, the nights are seldom long"
*

"Dave Nickason [SBS MVP]" <gwdibble@xxxxxxxxxxxxxxxxxxxxxx> wrote in message news:%23XpY$S%23UIHA.4712@xxxxxxxxxxxxxxxxxxxxxxx
I'd compare the IE security settings on the workstations that don't work with those that do. Also, double-check for firewall issues - for example, could the non-working machines have a 3rd party firewall like zone alarm or something that's packaged with the AV? In trying (unsuccessfully) to research this, firewall seems to be a primary cause of TLS failures. Certificates are the only other thing that comes to mind - I guess you could make sure the problem workstations are automatically updating their root certificates (CP add/remove, windows components, make sure Update Root Certificates is checked). If it's that last one, that'll be the wildest right guess I've ever made.


"Jonathan Barrie" <JonathanBarrie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:3672EF43-2A36-435D-8B1E-62472C9AF7A2@xxxxxxxxxxxxxxxx
Thanks for the tip, but we aren't running ISA. Just have a simple firewall
(a better one is on it's way).

I just wish it was a global problem. The fact that a couple of machines are
getting through is very frustrating.

"Dave Nickason [SBS MVP]" wrote:

Any chance this is the issue? This came right to mind as when I had this
problem, it was government site.

Blank page or page cannot be displayed when you view SSL sites through ISA
Server
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B283284


"Jonathan Barrie" <Jonathan Barrie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:D0C8B197-72FA-43E1-8A11-232A7365E07D@xxxxxxxxxxxxxxxx
> Installed an SBS 2003 R2 server in a company with a mixture of new and > all
> PC's. All machines are running XP Pro SP2 with latest udpates.
>
> Users need to access a US governement website that requires TLS
> encryption.
> After the server installation and being added to the domain, none of > the
> new
> PC's can login in to the site, and only 2 of the old machines and the
> server
> are able to. Absolutely every other secure site we've tried works > fine.
>
> Users are able to get to the site and input their usernames and > passwords,
> but unable to get any farther. Once they hit the Login button, the > page
> it
> sits for a few minutes and then comes back with Page Cannot Be > Displayed.
>
> I've tried disabling the Firewall through Group Policy, checking the
> security settings in IE, logging in as administrator and nothing has
> worked.
> I don't believe it's an IE issue as the problem can be replicated with
> Firefox. I've combed through all the Group Policies and haven't found
> anything. It just isn't making any sense.
>
> Any ideas would be helpful. Like i said the only machines that are
> working
> are the server and 2 laptops. They just happen to be the only 2 > Toshiba
> laptops in the company, the rest are IBM and Dell desktops. > Coincidence?
> I
> have no idea at this point.






.

Loading