https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427166#M708278 <HTML><HEAD></HEAD><BODY><P>we solved it by using identity</P><P>certificate on ASA that has all server names that are accessed, stated in CN of certificate, a</P><P>nd this is working</P></BODY></HTML> Thu, 01 Jul 2010 17:44:16 GMT draganskundric 2010-07-01T17:44:16Z https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427164#M708255 <P>I have several web sites with different names that are protected by aaa rules and external radius server against which user must authenticate. Problem is that when fw send its page with username and password, browser reports certificate address mismatch, because ther is difference between site name in ASA self signet certificate and site that is accessed. Is there a way to avoid this by some config in ASA. I know it is possible to turn off this check in IE, but thi is not preffered way for solving this.</P><P></P><P>thanks</P> Mon, 11 Mar 2019 18:04:49 GMT https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427164#M708255 draganskundric 2019-03-11T18:04:49Z https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427165#M708267 <HTML><HEAD></HEAD><BODY><P>Dragan,</P><P></P><P>I've played long time ago and only in the lab with CTP so I was never bothered by warnings.</P><P>What do you have configured?</P><P></P><P>Did you try using redirect with listener?</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556188">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556188</A></P><P>Do you have secure client enabled?</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556729">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1556729</A></P><P></P><P><BR />I'm not sure if even installing a proper cert on the ASA/PIX will help.</P><P></P><P>Marcin</P></BODY></HTML> Tue, 29 Jun 2010 17:14:36 GMT https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427165#M708267 Marcin Latosiewicz 2010-06-29T17:14:36Z https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427166#M708278 <HTML><HEAD></HEAD><BODY><P>we solved it by using identity</P><P>certificate on ASA that has all server names that are accessed, stated in CN of certificate, a</P><P>nd this is working</P></BODY></HTML> Thu, 01 Jul 2010 17:44:16 GMT https://community.cisco.com/t5/network-security/aaa-rules-certificate-address-mismatch-problem/m-p/1427166#M708278 draganskundric 2010-07-01T17:44:16Z