Loading
Salesforce에서 이메일을 보내기 위해서는 도메인 인증이 필요합니다.더 많이 읽기

SSL Certificate issue during Single Sign On: 'Certificate Is Not Trusted in Web Browser'

게시 일자: Oct 13, 2022
상세 설명
SSL Certificate issues:
 
During Single-Sign-On authentication via Chatter Desktop, Mobile, or even Salesforce for Outlook, users with server certificate issues could see one of the following errors:
 
Security Certificate Errors: Certificate Is Not Trusted in Web Browser
 
"The security certificate presented by this website was not issued by a trusted certificate authority."
      - Internet Explorer 7+ / Chrome
 
"www.example.com uses an invalid security certificate."
"The certificate is not trusted because the issuer certificate is unknown."
      - Firefox 3+
 
"www.example.com uses an invalid security certificate."
"The certificate is not trusted because it is self signed."
      - Firefox 3+
솔루션
Note: Information in this article applies to both Classic and Lightning Experience

Salesforce recommends confirming the SSL server certificates and the intermediate server certificates. This can be verified using internal tools or a quick check via Digicert checker or a similar tool.
http://www.digicert.com/help/
** Enter the name of your server below and this site will attempt to diagnose the problem and verify proper SSL installation **
 
More background:
Browsers are made with a list of trusted certificate providers (like DigiCert) built-in. For some sites, the certificate provider cannot be found on that list, and the browser warns that the certificate authority is not trusted. While this warning is fairly generic for Internet Explorer, Firefox 3 will also distinguish between a certificate issued by the server itself (a "self-signed" certificate) and other untrusted issuer certificates.
 
Properly installing an Intermediate SSL certificate should resolve this issue. You should never need to install anything on the client devices/applications in order for your SSL certificate to work properly.
 
If you run into this error after installing an SSL certificate, use our SSL certificate checker to find the exact cause of the error.

Self-signed Certificates
 
One possible cause of this error is that a self-signed certificate is installed on the server. Self-signed certificates are "not trusted" because they are generated by your server, not by your Intermediate Certificate vendor, and do not reference the Intermediate Cert in the "Issuer" field when checked with a certificate checker.
 
If you find a self-signed certificate on the server after going through the process of installing your DigiCert certificate, you will want to generate a new CSR from your server and reissue the certificate inside your Certificate vendors account by logging in, clicking the order number, and then clicking the reissue link.
 
Intermediate Certificate Issues
 
The most common cause of the "trusted certificate authority" error is that the certificate installation has not been properly completed on the server (or servers) hosting the site. When checked with an SSL certificate tester, an incomplete installation will show one certificate file and a broken red chain.
 
To resolve this problem, install the intermediate certificate (or chain certificate) file to the server that hosts your website. To do that, in the example of a Digicert Certificate, log in to your DigiCert account, click the order number, and then select the certificate download link. This file should be named DigiCertCA.crt. You will then want to follow your server-specific installation instructions to install the intermediate certificate file.
 
Once you have imported the intermediate certificate, check the installation using the SSL certificate tester. A proper installation will show multiple certificate files connected by an unbroken blue chain.
Knowledge 기사 번호

000385793

 
로드 중
Salesforce Help | Article