Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
577
Views
2
Helpful
2
Replies

Expressway Web Page Insecure

Go to solution
Marcelo Bergamini
Level 1
Level 1

‎02-01-2024 06:41 PM

Hello, guys.

A question about Expressway Administration Web Page.

We have an Expressway with a server certificate signed by a CA.

If we put the FQDN of this Expressway in the browser, ok, the connection is secure. If we put the IP ADDRESS of this Expressway in the browser it´s shows connection insecure and we need to accept the exception to go ahead.

I know that it is because the IP ADDRESS isn´t int the common name in the certificate.

There is some way to secure this access using IP ADDRESS or we need always to use the FQDN ?

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP

‎02-01-2024 09:49 PM

You need to use the FQDN to not have the warning about the certificate not being valid. Either way the communication as such is secure, it’s “just” the browser warning about not being able to verify the identity of the entity.



Response Signature


View solution in original post

Go to solution
Nithin Eluvathingal
VIP
VIP

‎02-01-2024 11:02 PM

That is the expected behavior. When you use the IP address on the web, the PC expects the certificate presented by the server to have the same IP address details.

Adding IP address to the certificate is insecure, so only the FQDN's are included on the certs.

You need to use FQDN to avoid this issue, as @Roger Kallberg replied on this post. Or you can add the IP address to the cert, but that is not secure.



Response Signature


View solution in original post

0 Helpful
2 Replies 2

Go to solution
Roger Kallberg
VIP
VIP

‎02-01-2024 09:49 PM

You need to use the FQDN to not have the warning about the certificate not being valid. Either way the communication as such is secure, it’s “just” the browser warning about not being able to verify the identity of the entity.



Response Signature


Go to solution
Nithin Eluvathingal
VIP
VIP

‎02-01-2024 11:02 PM

That is the expected behavior. When you use the IP address on the web, the PC expects the certificate presented by the server to have the same IP address details.

Adding IP address to the certificate is insecure, so only the FQDN's are included on the certs.

You need to use FQDN to avoid this issue, as @Roger Kallberg replied on this post. Or you can add the IP address to the cert, but that is not secure.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents