IE上ORACLE OEM 证书错误 , 导航阻止,无法”继续浏览此网站”

本文是我安装ORACLE11g后客户端IE访问不了是出现的,无奈下找OTN上help,

结果很lucky的被解脱了。

网站是:https://forums.oracle.com/forums/thread.jspa?threadID=2461254&tstart=135

我翻译翻译一下,若有错误,欢迎纠正

(一)出现问题

Certificate Error: Navigation Blocked
------------证书错误 , 导航阻止

image

此时证书既没有安装提示,又没有”继续浏览此网站”提示

客户端排错时的处理情况:

(1)IE9/IE10 popup blocker disabled --------------------IE9/IE10启动弹出式窗口过滤器关闭
(2)TRUSTED SITE security level set LOW,

Database control URL in TRUSTED SITE list

   ---------------------OEM加入[受信任的站点]

具体是:IE选项-〉安全-〉受信任的站点-〉站点-〉加入OEM站点;

之后受信任的站点 安全级别置为低

image

(3)IE9/IE10 Protected mode NOT enabled--------------关闭IE9/IE10的安全模式

image

Protected mode in IE8, IE9, and IE10 is a feature that makes it more difficult for malicious software to be installed on your computer.

In addition to helping protect your computer from malicious software, protected mode allows you to install wanted ActiveX controls or add-ons when you are logged in as an administrator.

在IE8,IE9和IE10的保护模式是一种功能,使得恶意软件更难以在计算机上安装。
除了帮助保护您的计算机免受恶意软件,保护模式让你的计算机仅在以管理员身份登录时可以安装ActiveX控件或add-ons组件。

 

服务器上状况:

[oracle@localhost ~]$ emctl start dbconsole
Oracle Enterprise Manager 11g Database Control Release 11.2.0.1.0
Copyright (c) 1996, 2009 Oracle Corporation.  All rights reserved.
https://test:1158/em/console/aboutApplication
- An instance of Oracle Enterprise Manager 11g Database Control is already running.
[oracle@localhost ~]$
[oracle@localhost ~]$ emctl status dbconsole
Oracle Enterprise Manager 11g Database Control Release 11.2.0.1.0
Copyright (c) 1996, 2009 Oracle Corporation.  All rights reserved.
https://test:1158/em/console/aboutApplication
Oracle Enterprise Manager 11g is running.
------------------------------------------------------------------
Logs are generated in directory /app/oracle/product/11.2.0/dbhome_1/test_orcl/sysman/log

#---------------oracle OEM 启动

 

 

(二)问题原因

 

都提到

Windows 7 更新程序 (KB2661254)

http://support.microsoft.com/?kbid=2661254

Microsoft 安全公告:最小证书密钥长 度更新

---------------------这是

oracle em的证书秘钥< 1024,导致ORACLE OEM登陆 证书错误 , 导航阻止

 

(三)解决方法

要仅启用日志记录而不阻止长度少于 1024 的密钥,请在OEM客户端使用以下

certutil 命令:

certutil -setreg chain\EnableWeakSignatureFlags 8

---------[使用链配置注册表项]

C:\Users\Administrator>certutil -setreg chain\EnableWeakSignatureFlags 8
Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChain
Engine\Config\EnableWeakSignatureFlags:

新值:
  EnableWeakSignatureFlags REG_DWORD = 8
CertUtil: -setreg 命令成功完成。
CertSvc 服务可能需要重新启动,以使更改生效。

问题解决,Happy END!

登陆https://[oem-site]:1158/em/

image

你可能感兴趣的:(证书错误,oem,导航阻止)