You get the following error when accessing some HTTPS sites:
HTTPS Certificate Failure
A problem was detected when accessing this web site. Access has been restricted due one of more of the following issues.
The Certificate Verification failed due to at least one of the following reasons:
- The certificate is not valid.
- The certificate's CommonName does not match the URL
- The certificate was issued by an untrusted certificate authority.
However, you are allowed to override this warning.
VERIFY DENY: depth=1, (27) certificate not trusted: "<Certificate name>"
VERIFY DENY: depth=1, (20) unable to get local issuer certificate: "<Certificate Name>"
The error appears if the certificate is not trusted. This most commonly occurs if the Certificate Authority (CA) is not yet known to InterScan Web Security Virtual Appliance (IWSVA).
To resolve the issue, export the certificates from Internet Explorer (IE) and import them into IWSVA.
Export all Trusted Root Certification Authorities from IE:
- Go to Tools > Internet options > Content tab.
- Click Certificates and go to the Trusted Root Certification Authorities tab.
- Select all root/intermediate CAs and click Export.
- Select the Cryptographic Message Syntax Standard - PKCS #7 Certificates (.P7B) format and name the file “from_ie”.
The exported file from_ie.p7b will be created
- Upload the file to the /tmp directory of IWSVA.
Log in to IWSVA as root user, and import the file by executing the following commands:
To further analyze the Certificate Failure, you may contact Trend Micro Technical Support for assistance.