win7 IE9, does not recognize SSL certificate, winXP SP3 IE8, SSL page time out

Question

This question is listed in Microsoft support forum also: http://social.msdn.microsoft.com/Forums/is/ieextensiondevelopment/thread/e85bb5a0-6b83-4bb6-a4b9-e9a861f3ff94   Hello Dell / Microsoft Support, Update on the issue described below with IE8. I have tested my web site on a third system at another office location and it is apparently working properly with that IE8 browser with the OS of win XP SP3. The failure appears to be localized to these two systems here in this office location. Both are running the Dell OEM version of win XP SP3 original factory installation from the vender. IE8 v8.0.6001.18702cipher strength: 128 bitPID: 01398-997-0011903-00102update version: 0 There is an encryption issue with these browsers, how do I determine which direction to solve the issue, or know if it will occur on other systems, Dell or Microsoft? The issue with win7 IE9 still has not been addressed, it is at another location on the west coast which I am nearer the east coast. So I am trying to get a screen shot of the error from the gentleman in my assistance. Any information regarding this issue will be greatly appreciated. Thank you ------------------------------------------------------------------------------------------------------------------ I am having an issue with IE8 with my new web site while it is being served in SSL. I have checked my site in Firefox and it is working flawlessly and very fast while loading the pages in both unsecured and SSL sides. The site is written in PHP and XHTML 2.0 / CSS 2.1 and mySQL. There are no errors in the scripts or markup. When going from my home page (unsecured) with a direct link to ether the login or registration pages both in SSL in IE8 it is a little slow compared to Firefox (differences in the engines) but is loading the full page ok. But when logging in or registering, the scripts become more complex and several more things come into use, this is when IE8 fails 100% of the time, ether timing out or rendering the next page with out any CSS, has trouble with images as small as 16Kb in size and animated GIF's. I have tested the site on two systems at my location and a mobile device with Firefox and IE8 (Win XP SP3 all updates are current) and Firefox and mobile browser Bolt have worked very fast and have never failed, while on one system using IE8 fails 80% of the time and needs to have the cashe cleared between tests and the other system IE8 has been reset to the default isntall, addons disabled, SSL cashe cleared and IE8 fails on this system 100% of every test, timing out or redering a page without any CSS or images (16Kb images). Both systems have trouble loading animated GIF's. But when pages are rednered on port 80 unsecured there is no issues and page load times on all systems are within normal limits. Firefox is very fast and works flawlessly in all conditions, but I know that 90% of my visitors will be using IE8 or IE9 so it is important that I get this resolved. I have read the bulletins on this subject and have tried the suggestions with no positive results. I will explain some of the changes in the scripts that are in use when this issue is a problem. During a login: (POST, GET, mySQL, GZIP compression, PHPSELF (page posts to itself), meta refresh) these are the major differences in the script after the direct link from the home page (http) to the login page (SSL) and the pages following the login page. All pages on this site use GZIP compression and to resolve another issue regarding IE8 intermittently rendering CSS position absolute 80px+ float to the right uncorrectable, reseting IE8 to the default install fixed the issue. I am hoping using the meta tag to force IE8 into IE7 compatibility mode will prevent the same issue with my visitors. I suspect maybe an issue with the SSL certificate on my server to possibly be the cause of the current issue with IE8, it is new and a higher encryption level then the previous ones from this certificate authority. I have written scripts for SSL in the past and have never had this issue then, so I am looking for something that is new in the variables of this issue. Please contact me in how to further discuss this matter and give you the test credentials to login outside of this public forum.   Thank you.   To update, I have found that changing the cypher type from CBC/OBF to CTR seems to improve page load quite a lot. So it may be that there are corrupted characters in the internet address string, something the other browsers may ignore but IE8 can not. I need some technical information on that subject and limits of the IE8 engine please.   Issue with win7 IE9, does not recognize SSL certificate on my web site. The root certificate list in IE9 does not list the certificate authority. I have called the certificate authority, they are not aware of any know issue of this kind, they have not yet tested the certifacate in a windows 7 IE9 environment. The certificate authority I use is Godaddy/Starfield, verification of my SSL certificate for my web site bizbooksite.com is: https://seal.godaddy.com/verifySeal?sealID=MKYM6DJQJKQE3CIVJrbrdnVL1wGTd1XHWypTX1RFXyT7xRGAvwvMFKdGrJmk Please assist with further information.   Thank you, Web Development for BizBook, bizbooksite.com

BizBookIT · Answer

Added to MSDN IE Development forum: Hello Microsoft Support, December, 16 2011 Update: Thank you Sheng Jiang, yes I will take this there and thank you for the advice. There is a large difference between SSL handshares and now the first issue of IE incorrectly rendering the CSS is back and the default reset does nothing to fix this now. IE is not correctly reading the style sheet and confusing the classes with each other. Very strange I have never seen this happen before. It is one of three different systems in three different locations. There is a very clear indication of a programing oversight or an exploit of some type, but I have not found a common point except they all have the factory OEM from Dell.

BizBookIT · Answer

Added to MSDN forum 12.16.2011

Jesse Jiang [MSFT],

Thank you for the information to forward this data to the proper departments in Microsoft engineering. I do understand the difficulties in bringing the IE series technology into such a very broad range type of internet browser, if I am not in error Microsoft has been developing a browser that attempts to produce web pages under a broad range of loose markup and CSS. Taking into account not every site is developed with the same care, knowledge, experience etc. So to have one browser work very well on them all instead of only having WC3 compliant browsers, sites loosely written CSS fall apart in them of course and look fine in MSIE, in theory and for the most part that is true. And along with that some things will be sacrificed due to the current technologies restrictions and requirements, I am willing to have the performance decrease under those design implements, as for this issue I must advise further review of complete functionality impairment, malfunction and more than likely a serious possibility of SSL exploits between servers, clients and the clients OS, browser and internet connection and third parties make this a much more serious issue for the engineers at Microsoft than I, a web developer working with a very different way of securing the clients data and the security of the site its self. I of course can not say of how it works, but I can say that it is not done in any standard way, browser cookie or even client sided. As soon as it begins MSIE becomes completely impaired and malfunctions.

I will forward the data ASAP, I am very busy but I will find time soon. Any other information from or to me, Microsoft may contact me directly by the email address used in this forum. This project is within the projected time but as this issue continues unresolved that will begin to change to become much less desirable a time frame.

Thank you,

BizBook web site development offices/dd12.16.2011

Windows General

Was this post helpful?