https://community.cisco.com/t5/network-security/fmc-does-not-login/m-p/4462059#M1083464 <P>Hello, you didn't state it but would you happen to have configured your FMC for Common Access Card (CAC) login?</P><P>This should help if you did.</P><P>When working with the FMC you can set it up for CAC login.<BR />There is a check box required to enable it.<BR />If it's enabled you will be locked out of the GUI console.<BR />To fix this you should be familiar with unix/linx VI commands.<BR />Login to FMC CLI through securecrt.<BR />&gt; expert<BR />admin@yvafmc1:~$ sudo su<BR />Password: &lt;enter fmc admin pwd&gt;<BR />cd /etc/httpd<BR />vi ssl_certificates.conf<BR />############################################################<BR />#use the arrow keys to move down to the line "SSL_VerifyClient"<BR />#Type "shift a"<BR />#From the end of the line delete the value there "require" using the "backspace" key.<BR />#Once done enter "optional"<BR />#Now press "ESC" then "shift :" and type "wq!" to save the file<BR />#type "more ssl_certificates.conf" to make sure the change you made is the one you want.<BR />#############################################################</P><P># This is what the file looks like when not working<BR />SSLCertificateFile /etc/ssl/server.crt<BR />SSLCertificateKeyFile /etc/ssl/server.key<BR />SSLCACertificateFile /etc/ssl/ca-cert.pem<BR />SSLCACertificatePath /etc/ssl<BR />&lt;Location /&gt;<BR />SSLVerifyClient require (change require to optinonal)<BR />&lt;/Location&gt;<BR />SSLOCSPEnable on (delete this line)</P><P># After the change you should see.<BR />SSLCertificateFile /etc/ssl/server.crt<BR />SSLCertificateKeyFile /etc/ssl/server.key<BR />SSLCACertificateFile /etc/ssl/ca-cert.pem<BR />SSLCACertificatePath /etc/ssl<BR />&lt;Location /&gt;<BR />SSLVerifyClient optional<BR />&lt;/Location&gt;</P><P># Save this based on the directions above</P><P>#After saving this change restart the http daemon.<BR />#This should take about 3 minutes<BR />root@yvafmc1:/etc/httpd# pmtool RestartByID httpd<BR />root@yvafmc1:/etc/httpd# /etc/rc.d/init.d/console restart<BR />Stopping Cisco Firepower Management Center for VMWare......ok<BR />Starting Cisco Firepower Management Center for VMWare, please wait......started.</P><P>&nbsp;</P> Wed, 08 Sep 2021 21:42:09 GMT Eric R. Jones 2021-09-08T21:42:09Z https://community.cisco.com/t5/network-security/fmc-does-not-login/m-p/4461710#M1083436 <P>Hello&nbsp;</P><P>&nbsp;</P><P>I have an issue with a new FMC</P><P>I installed 6.4 in VMware&nbsp;</P><P>In the console I input the mgmt IP&nbsp;</P><P>I am able to access the page and enter the credentials&nbsp;</P><P>But this is the furthest I can get it hangs there&nbsp;</P><P>&nbsp;</P><P>Any ideas?</P><P>&nbsp;</P><P>Thanks and regards,&nbsp;</P><P>Konstantinos</P> Wed, 08 Sep 2021 13:24:50 GMT https://community.cisco.com/t5/network-security/fmc-does-not-login/m-p/4461710#M1083436 kostasthedelegate 2021-09-08T13:24:50Z https://community.cisco.com/t5/network-security/fmc-does-not-login/m-p/4462059#M1083464 <P>Hello, you didn't state it but would you happen to have configured your FMC for Common Access Card (CAC) login?</P><P>This should help if you did.</P><P>When working with the FMC you can set it up for CAC login.<BR />There is a check box required to enable it.<BR />If it's enabled you will be locked out of the GUI console.<BR />To fix this you should be familiar with unix/linx VI commands.<BR />Login to FMC CLI through securecrt.<BR />&gt; expert<BR />admin@yvafmc1:~$ sudo su<BR />Password: &lt;enter fmc admin pwd&gt;<BR />cd /etc/httpd<BR />vi ssl_certificates.conf<BR />############################################################<BR />#use the arrow keys to move down to the line "SSL_VerifyClient"<BR />#Type "shift a"<BR />#From the end of the line delete the value there "require" using the "backspace" key.<BR />#Once done enter "optional"<BR />#Now press "ESC" then "shift :" and type "wq!" to save the file<BR />#type "more ssl_certificates.conf" to make sure the change you made is the one you want.<BR />#############################################################</P><P># This is what the file looks like when not working<BR />SSLCertificateFile /etc/ssl/server.crt<BR />SSLCertificateKeyFile /etc/ssl/server.key<BR />SSLCACertificateFile /etc/ssl/ca-cert.pem<BR />SSLCACertificatePath /etc/ssl<BR />&lt;Location /&gt;<BR />SSLVerifyClient require (change require to optinonal)<BR />&lt;/Location&gt;<BR />SSLOCSPEnable on (delete this line)</P><P># After the change you should see.<BR />SSLCertificateFile /etc/ssl/server.crt<BR />SSLCertificateKeyFile /etc/ssl/server.key<BR />SSLCACertificateFile /etc/ssl/ca-cert.pem<BR />SSLCACertificatePath /etc/ssl<BR />&lt;Location /&gt;<BR />SSLVerifyClient optional<BR />&lt;/Location&gt;</P><P># Save this based on the directions above</P><P>#After saving this change restart the http daemon.<BR />#This should take about 3 minutes<BR />root@yvafmc1:/etc/httpd# pmtool RestartByID httpd<BR />root@yvafmc1:/etc/httpd# /etc/rc.d/init.d/console restart<BR />Stopping Cisco Firepower Management Center for VMWare......ok<BR />Starting Cisco Firepower Management Center for VMWare, please wait......started.</P><P>&nbsp;</P> Wed, 08 Sep 2021 21:42:09 GMT https://community.cisco.com/t5/network-security/fmc-does-not-login/m-p/4462059#M1083464 Eric R. Jones 2021-09-08T21:42:09Z