Internet Explorer 8 security certificate install bug/issue

[rgfuller]

I checked this last night, and no problem going to checkout on feelunique.com or logging into the Bord Gais site, I really don't understand why you are prompted to install a cert at all, your IE should already have cert authority trusts and should automatically check and accept the cert presented by the secure sections of these websites, there should be no need to install a cert locally (not sure on the online banking one - but valid for the other sites).

 

[Aurnia]

Thanks RG for that. So it's our machines then. Must be something to do with our version of Vista (Home premium, SP1) or settings we've in IE7.

Speaking of settings, in Internet options, the settings we've got clicked that might be relevant are:

Under Security (set at medium high) -
Enable - run components not signed with Authenticode
Disable - Allow previously unsed ActiveX controls to run without prompt
Promt - allow scriplets
Disable - automatic prompting for activex contorls
Enable - Binary and script behaviours
Prompt - Download signed activex controls
Prompt - intialize and script controls not marked as safe for scripting
Enable - run activex controls and plug ins
Enable - script activex controls marked safe for scripting

Enable - allow scripting of internet explorer web browser control
Disable - allow script initated windows without size or position contraints
Enable - allow webpages to use restricted prototcols for active content
Disable - allow websites to open windows without address or status bars

Disble - don't prompt for client certificate selection when no certificates or only one certificate exists

Enable - active scripting
Disable - allow status bar updates via script
Enable - allow websites to prompt for information using scripted windows
Enable - scripting of java applets

Under Advanced -

Browsing:

Disable script debugging (IE)
Disable script debugging (other)
Enable third party brower extensions

Security (all clicked):

Allow software to run or install even if the signature is invalid
Check for Publisher's certificate revocation
Check for server certificate revocation
Check for signatures on downloaded programs
Enable Intergrated Windows Authenication
Enable Native XMLHTTP support
Phishing Filter - Turn on automatic website checking
Use SSL 3.0
Use TLS 1.0
Warn if Certificate address mismatch
Warn if POST submittal is redirected to a zone that does not match

 

[car]

Just seeing this now.
Some FYIs
Firefox 3.5 and higher has an issue with certificates, I work with installing applications and clients (laptops/pcs) and new browsers are always tested for all applications that are in use in an office before we roll them out. IE8 and FF 3.5.2 have caused issues with certs, sometimes the UAC fix works, sometimes it doesnt, for some apps, FF doesnt work at all if its https, but you can get the IE6 or IE7 plugin so it does which is a type of a workaround.