After fighting this issue for months, I have finally decided to see if you all could help! We have a policy management site that we use for our hospital. Whenever a user attempts to edit a policy, they get the SSL Cert is invalid error. The certificate on the website is fine, worked with their support and they found nothing wrong. The ONLY fix we found was to navigate to Internet Options > Advanced > and UNCHECK Check for Server Certificate Revocation. The issue does not happen when logged into domain admin creds, only for standard domain users. We do not want to uncheck that option domain wide as it is a security feature. Any ideas?

Are you using out of date browsers? Have you checked the CA’s Certificate Revocation List to verify that, in fact, the certificate or one of its signing roots hasn’t been revoked?

Can the machines get online to the CA's CRL to confirm it's valid?

If users go via a proxy server or filter to the internet, can they get to the CA's CRL list?
Is the cert internal and is the CRL published/available?
Is it from a 3rd party CA of a company you deal with? Is the chain complete?

I expect DAs have rights that overrule policies and proxy/filtering.

Perhaps you can share some details about the cert or the cert validity in a screenshot.
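
The checks suggested in the replies above (can the client reach the CA's CRL, is the chain complete) can be run from an affected standard user's session with the PowerShell sketch below. It is an added example, not part of any post in this thread. Assumptions: the host name is a placeholder, the site answers TLS 1.2 on port 443, and the CRL distribution points are HTTP URLs.

```powershell
# Added diagnostic sketch. Run it as an affected standard user, then as a
# domain admin, and compare the output.
$SiteHost = 'policies.example.org'   # placeholder: replace with the policy site's host name

# Fetch the server certificate without validating it, so it can be inspected
# even when validation is the thing that fails.
$tcp = [System.Net.Sockets.TcpClient]::new($SiteHost, 443)
$acceptAny = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
$ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $acceptAny)
try {
    $ssl.AuthenticateAsClient($SiteHost, $null, [System.Security.Authentication.SslProtocols]::Tls12, $false)
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
} finally {
    $ssl.Dispose(); $tcp.Dispose()
}

# Build the chain with online revocation checking for every element.
# RevocationStatusUnknown / OfflineRevocation mean the CRL or OCSP responder
# could not be reached; Revoked means the CA really did revoke a certificate.
$chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$chain.ChainPolicy.RevocationMode = 'Online'
$chain.ChainPolicy.RevocationFlag = 'EntireChain'
$null = $chain.Build($cert)
if ($chain.ChainStatus.Count -eq 0) { 'Chain status: no errors' }
foreach ($s in $chain.ChainStatus) { 'Chain status: {0} - {1}' -f $s.Status, $s.StatusInformation.Trim() }

# Try to download each CRL distribution point (extension OID 2.5.29.31)
# with this user's own proxy settings.
foreach ($el in $chain.ChainElements) {
    $cdp = $el.Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
    if (-not $cdp) { continue }
    foreach ($m in [regex]::Matches($cdp.Format($true), 'URL=(http[^\s)]+)')) {
        $url = $m.Groups[1].Value
        try {
            $r = Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 15
            $result = 'HTTP {0}, {1} bytes' -f $r.StatusCode, $r.RawContentLength
        } catch {
            $result = 'FAILED: ' + $_.Exception.Message
        }
        '{0} -> {1}' -f $url, $result
    }
}

# Let certutil repeat the retrieval of every CRL, OCSP and AIA URL and report per URL.
$cerPath = Join-Path $env:TEMP 'policy-site.cer'
[System.IO.File]::WriteAllBytes($cerPath, $cert.Export('Cert'))
certutil -f -urlfetch -verify $cerPath
```

A CRL URL that fails for the standard user but downloads for the domain admin points at proxy or filtering rules rather than at the certificate itself.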