Topic: [SOLVED] W10 can't access SME SERVER : SSL_ERROR_BAD_CERT_ALERT

[globalsi]

Hi,
I have an SME9 server with 30 computers running Win10pro.
Since this morning, I have a desktop that can no longer access the web interface of the server nor receive mail from the server.
In a firefox browser, I have this error: SSL_ERROR_BAD_CERT_ALERT
In outlook, I have this error: 0x800CCC1A
Looking through the SME certificate from another post, I see that it has been renewed this morning. So I think it's linked.
I deleted in the certificate manager on the Windows workstation all the references to the SME certificate but I still have this problem.
Do you have any tips?
Thank you.

PS : in chrome, the error is "ERR_BAD_SSL_CLIENT_AUTH_CERT". And with another session on the same laptop, i have the same results.

[ReetP]

Did you do any updates last night?

What sort of certificate are you using?

[TerryF]

Microsoft deployed latest Win10 updates for all vers over last couple of weeks, my home box updated on the 14 Nov, one of its big things was it was supposed to fix issues with domain users and  win10 in particular pro

As ReetP raised what updates have you rolled out recently, that's windows and server

What AV software on win10pro, I occasionally have had an issue with Avast

[ReetP]

Also what else was reported in the error message. Something like this?

https://answers.microsoft.com/en-us/windows/forum/windows_10-networking-winpc/i-get-error-message-errbadsslclientauthcert-while/fd1cabfe-1778-42a9-8fc1-ab2dd02b6db4

ERR_BAD_SSL_CLIENT_AUTH_CERT
This server requires a certificate for authentication, and didn't accept the one sent by the browser. Your certificate may have expired, or the server may not trust its issuer. You can try again with a different certificate, if you have one, or you may have to obtain a valid certificate from elsewhere.

[globalsi]

Did you do any updates last night?

Yes

What sort of certificate are you using?

The self certificate of SME.

[globalsi]

Microsoft deployed latest Win10 updates for all vers over last couple of weeks, my home box updated on the 14 Nov, one of its big things was it was supposed to fix issues with domain users and  win10 in particular pro

As ReetP raised what updates have you rolled out recently, that's windows and server

What AV software on win10pro, I occasionally have had an issue with Avast

We use ESET32
yesterday's updates were: KB4023057 and KB4100347
The SME9 is up to date

[globalsi]

The problem is fixed. 
 It was, as TerryF suggested, the ESET antivirus that was blocking the certificate. I had tested yesterday disabling antivirus protection but it had not to block the management of certificates apparently.
(howto : https://infoinspired.com/how-to-guides/chrome-error-err_bad_ssl_client_auth_cert-solved/ )

Sorry for the inconvenience and thank you for your research!

[ReetP]

The problem is fixed. 

Sorry for the inconvenience and thank you for your research!

No problems - the main thing is you got it fixed.

One point to seriously consider is using letsencrypt certs.......

[globalsi]

One point to seriously consider is using letsencrypt certs.......

Indeed, it's in the next steps.

[ReetP]

Indeed, it's in the next steps.

Cool - good idea

Shout if you get stuck. The contrib makes it pretty easy.

https://wiki.contribs.org/Letsencrypt#Contrib_Installation_of_Dehydrated

Just use test mode until it works correctly....

[TerryF]

Sorry for the inconvenience and thank you for your research!

Mate, its never an issue asking for help, its not even help, its the collective experience my idea was just a punt from my experience.

Whats important is anyone using Avast or as in your case ESET antivirus who casually browsing through here sees this and some time down the track gets a problem thinks hang on I can dimly remember something about ESET - bingo

What can be even more fun is when you get someone, at work, family always a good one describes their problem to you and are desperate, you can see it in their eyes and you just casually say do yada yada and continue on with what you were talking about/doing, brownie points galore