“Invalid Security Certificate”

 

If you see a message warning you that a MNBC website has in Invalid Security Certificate, it is still safe to proceed to the site if the web address contains “bcmetiscitizen.ca”. 

 

This page gives background about why this warning appears, why it is still safe to proceed, and finally how this warning could be eliminated.

 

The servers at the Vancouver offices of MNBC use the internet domain name bcmetiscitizen.ca. 

When the Citizenship System was set up, a security certificate was obtained for secure.bcmetiscitizen.ca.  This is a subdomain of bcmetiscitizen.ca - subdomains have an additional word and a dot before bcmetiscitizen.ca.  The web address is https://secure.bcmetiscitizen.ca

 

Some of the MNBC websites are not secured, such as the ones having pages with Google Maps

http://document.bcmetiscitizen.ca/

http://public.bcmetiscitizen.ca/

http://public.bcmetiscitizen.ca/survey.php

http://gateway.bcmetiscitizen.ca/

 

As well as the citizenship system, the sites that use the certificate are the harvesting card administration and the Senate system.

https://harvest.bcmetiscitizen.ca/

https://senate.bcmetiscitizen.ca/

 

Since these sites are not accessed by the general public but only by specific small groups of MNBC staff and officials, it is hoped that the appearance of this warning is not too disruptive.

 

For Internet Explorer, see below.  With Firefox, the warning looks like this:

 

 

Clicking on “Technical Details” gives a good explanation of why the warning appears.

 

 

If you click on “I Understand the Risks”, you have the option to add https://harvest.bcmetiscitizen.ca as an exception to the rule – the rule is to give a warning when the security certificate is not valid. 

 

 

If you click on “Confirm Security Exception”, then you can visit https://harvest.bcmetiscitizen.ca without being warned that the security certificate is for secure.bcmetiscitizen.ca. 

 

To remove the security exception, go to Tools > Options … > Advanced tab and click on the “View Certificates” button.  In the “Certificate Manager” window, click the Servers tab and you will see the certificate named “secure.bcmetiscitizen.ca” matched with the server “harvest.bcmetiscitizen.ca:443”.  Clicking on that certificate selects it and enables the “Delete…” button.

 

 

 

 

With Internet Explorer, the warning looks like this:

 

 

If you click “Continue to this website (not recommended)”, then the warning will not appear again until the next time you start Internet Explorer. 

 

The two of the ways to deal with the certificate error described above are:

1.       Use Firefox and add a certificate exception.

2.       Use Internet Explorer and “Continue to this website …”

(It’s similar with other browsers.)

 

If neither of these is acceptable, there are two other possibilities:

3.       Buy a certificate for https://harvest.bcmetiscitizen.ca  This would solve the problem for all browsers, but it would be an annual fee.

4.       Use the longer version of the URL ;  The system can also be accessed with the address https://secure.bcmetiscitizen.ca/mnbcharvester/mnbcharvester/ .  You could request Linux Magic to re-direct all requests for https://harvest.bcmetiscitizen.ca to be redirected to https://secure.bcmetiscitizen.ca/mnbcharvester/mnbcharvester/ .