Troubleshooting Secure Site Error Messages | Resolving Website Trust Issues

Resolving Website Trust Issues

Q: Users report the following message appears when browsing to the company's secure site: This website cannot be trusted.Which of the following actions should a security analyst take to resolve these messages? (Choose two.)

Verify the certificate has not expired on the server.Update the root certificate into the client computer certificate store.

Prev Question Next Question

Question

Users report the following message appears when browsing to the company's secure site: This website cannot be trusted.

Which of the following actions should a security analyst take to resolve these messages? (Choose two.)

Answers

A. Verify the certificate has not expired on the server.

B. Ensure the certificate has a .pfx extension on the server.

C. Update the root certificate into the client computer certificate store.

D. Install the updated private key on the web server.

E. Have users clear their browsing history and relaunch the session.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

AC.

The message "This website cannot be trusted" usually indicates a problem with the website's SSL/TLS certificate. The certificate is used to establish a secure connection between the client (user's browser) and the web server.

To resolve this issue, a security analyst should take the following actions:

Verify the certificate has not expired on the server: The SSL/TLS certificate has a validity period that usually ranges from a few months to a few years. After the expiration date, the certificate becomes invalid, and the web browser will not trust the connection. The security analyst should check the expiration date of the SSL/TLS certificate on the web server to ensure it is not expired.
Update the root certificate into the client computer certificate store: The SSL/TLS certificate is issued by a trusted Certificate Authority (CA) and signed with a digital signature. The web browser uses the CA's root certificate to verify the authenticity of the SSL/TLS certificate presented by the web server. If the web browser does not have the CA's root certificate in its certificate store, it will not trust the SSL/TLS certificate and display the message "This website cannot be trusted." The security analyst should update the root certificate into the client computer certificate store to ensure that the web browser trusts the SSL/TLS certificate.

The other options are not appropriate for resolving this issue:

B. Ensure the certificate has a .pfx extension on the server: The file extension of the SSL/TLS certificate does not affect the web browser's trust. It is usually in the form of a .crt or .pem file.

D. Install the updated private key on the web server: The private key is used to decrypt the SSL/TLS traffic on the web server. It does not affect the web browser's trust of the SSL/TLS certificate.

E. Have users clear their browsing history and relaunch the session: Clearing browsing history will not resolve the issue with the SSL/TLS certificate. It only removes the browser's cached data, such as cookies and temporary files.

Therefore, options A and C are the correct choices to resolve the issue with the SSL/TLS certificate.

Prev Question Next Question