Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Legal Hold Confirmation Page: There is a problem with this website's security certificate

Created: 25 Apr 2013 | 9 comments

I am configuring the Legal Hold confirmation server on a new Clearwell v7.1.2 install.  By default, links to the confirmation webpage are configured as HTTPS, so when a custodian clicks on a Legal Hold confirmation link, they get this message:

 

There is a problem with this website's security certificate.
  
The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. 
 
We recommend that you close this webpage and do not continue to this website. 

 Click here to close this webpage. 
 
 Continue to this website (not recommended). 
    
 More information

 

We will not be deploying a certificate since all access is internal.  The Legal Hold guide suggests two methods to create a certificate but there is a property that will direct the user to a non-secure version of the Confirmation Server, an HTTP address instead of an HTTPS, that will eliminate this error. 

Property to change: esa.icp.holds.link.useHttps
Value to set: false
Confirm Change. 

No need to restart services, the new link will go to HTTP and all of the previous hold notices are accessible there.

 

Operating Systems:

Comments 9 CommentsJump to latest comment

Liam Finn's picture

Is there a question here or are you just making a statement of something you did?

joe.lombardo@suntrust.com's picture

It was put in as a Tip/How To

 

I searched for this solution earlier in the day and found no articles.  Once I found the answer I wanted to share for the next poor soul who came along looking for the same thing.

Liam Finn's picture

Good Idea.

 

My question is seeing as it is internal only and you are being redirected to HTTP anyway why have it use HTTPS at all?

 

The redirect removes any security that you were hoping to get through HTTPS

 

I think if HTTPS is needed then installing a full certificate not a self-signed one will not only remove the certificate warning message in IE but it will also ensure that the users are reaching a secure site and any communication is secure.

Just my thoughts :)

 

joe.lombardo@suntrust.com's picture

In my situation, all traffic is inside our network so HTTPS and a Cert was redundant. 

The default installation of the confirmation server directs it to HTTPS.  This solution is really only viable in a situation similar to mine. 

If someone is inside our network who shouldn't be, the security of our Legal Hold confirmation page are the least of our problems!

ksully's picture

Could you help me find the Legal Hold Set up guide?  I can't find it anywhere.

danielle.levenson's picture

Hi Ksully,

you can log into the application and click on the Documentatation link at the bottom of the window to display a link to all guides

Liam Finn's picture

Agreed, It should also be in the appliance and the local person responsible for managing the appliance should also have a copy.

 

If you have specific questions please open a new thread and we will address any questions you have

Jimmy Harris's picture

Hey Joe,

Thank you for passing on the info. And yes I've arrived to the party a bit late. However, I did create a Tech Note TECH205743 for how to do this and it should be Public soon as I just published it.

Regards,
James Harris
Sr. Technical Account Manager Clearwell eDiscovery,
Business Critical Services
Symantec Corporation