OWA SSL Security Warnings through Kemp Loadmaster IE/Chrome/Firefox

0

Is it normal for the security report in Internet explorer to not show up when accessing through the loadmaster? I have a valid SSL cert signed from digicert.

IE --> Doesn't show the security report
Chrome --> Identity has been verified, but does not have public audit records.
Firefox --> The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

If I hit my legacy OWA url using the same cert with multiple SANs, which doesn't go through the Kemp, I do not get any warnings, on any browser.

Is this to be expected?

5 comments

Avatar
0
James Rago -- K360 Technical Product Manager

Be sure that the intermediate certificates are installed on the LoadMaster. You may also need the root certificate depending on the client and certificate provider.

Avatar
0
sjarrell

Thanks, that seems to have fixed the firefox warning.

Firefox --> The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

IE and chrome still do not show the site as secure until I am logged into OWA. Maybe this is normal...

Avatar
0
jeffrey.zammit

We are having this very same issue after we upgraded our SSL cert to SHA256. IE and Chrome are OK however from Firefox we are getting "sec_error_unknown_issuer".
Anyone found a solution for this?

Avatar
0
sjarrell

I actually figured this one out...pretty stupid.

Make sure you aren't using an old link or favorite in Chrome or Firefox, it will throw this error.

Avatar
0
brownra

We received the same error from Android devices and Firefox as well.  After running the Qualys SSL Server Test at https://www.ssllabs.com/ssltest/ we determined the problem to be with our intermediate certificates.