03-09-2020 12:47 PM
I have an RV325 router (Firmware: 1.3.1.12) with a self signed certificate.
With my new Mac I can't access anymore the router because of a certificate error.
Safari and Chrome: "connection is not private". ( NET::ERR_CERT_INVALID).
Probable cause: the browsers don't accept self signed certificates.
What must I do to get access with my new Mac? Can you give me a detailed procedure?
Sorry I know nothing about certificates.
Thank you very much.
Paul Plehier
Solved! Go to Solution.
03-09-2020 03:41 PM - edited 03-09-2020 03:42 PM
Hi,
As this is a Self Signed Certificate, it won't be trusted by a browser that hasn't explicitly trusted it. You can trust the certificate in MacOS by doing the following:
1. Download the certificate
2. Double Click on the Certificate File, and open it in KeyChain Access (You will need to enter an MacOS Administrator password to open KeyChain Access). This will load the certificate into the MacOS Certificate Store
3. In the KeyChain Access App, under "KeyChains" click System, and you should see on the right side a list of system wide certificates, along with the one you just recently added
4. In the KeyChain Access App, right click on the certificate you just loaded in step 2. and select "Get Info"
5. In the newly opened tab, the certificate details will be presented. There is a drop down arrow for "Trust". Select the "Trust" drop down arrow
6. After clicking the arrow in step 5, you will see a variety of permissions for where the newly added Certificate will be trusted. These options include "SSL, S/MIME, EAP, IPSEC, Code Signing, Time Stamping and X.509". As this is just the certificate that your router presents on the Web Portal, I advise you only trust this certificate for SSL, however you do have the ability to trust the certificate indiscriminately if you need to.
7. Click the window icon to close the "Get Info" tab. You will be prompted to enter your MacOS Administrator credentials. Entering the credentials will save your new certificate trust configuration in the MacOS System Store for all MacOS users.
8. Restart your web browser and navigate to the Web Portal. Your browser should now trust the certificate that is presented without issues
03-18-2020 02:27 AM
At least in the case of the Firefox browser, it doesn't use any of the underlying OS certificates - Firefox comes with its own set of Root CA certs as well as user-added certs. This means that if you browse to a site with Firefox, you may or may not have the same experience as other browsers that use the OS certificate store (e.g. Windows IE/Edge and Chrome)
03-09-2020 03:16 PM
There is a great hidden trick in Chrome. I have had to use this on systems like Cisco 9800 controllers when using Chrome. Chrome sometimes refuses to bring up the login page for a system with self-signed cert.
Solution: Browse to the page and wait for the error to appear on the page. Then type the following:
thisisunsafe
You won't see any characters - but as soon as you have typed the phrase, you will be allowed to proceed. It's a bit weird, but it works. key stroke logger in a Google product ...who would have thought, eh ;-) What else are they logging ...?
See if that helps
03-11-2020 07:29 AM
Hi Arne,
Great! It works !!
Indeed: What else are they logging ...?
Thx
PP
03-09-2020 03:41 PM - edited 03-09-2020 03:42 PM
Hi,
As this is a Self Signed Certificate, it won't be trusted by a browser that hasn't explicitly trusted it. You can trust the certificate in MacOS by doing the following:
1. Download the certificate
2. Double Click on the Certificate File, and open it in KeyChain Access (You will need to enter an MacOS Administrator password to open KeyChain Access). This will load the certificate into the MacOS Certificate Store
3. In the KeyChain Access App, under "KeyChains" click System, and you should see on the right side a list of system wide certificates, along with the one you just recently added
4. In the KeyChain Access App, right click on the certificate you just loaded in step 2. and select "Get Info"
5. In the newly opened tab, the certificate details will be presented. There is a drop down arrow for "Trust". Select the "Trust" drop down arrow
6. After clicking the arrow in step 5, you will see a variety of permissions for where the newly added Certificate will be trusted. These options include "SSL, S/MIME, EAP, IPSEC, Code Signing, Time Stamping and X.509". As this is just the certificate that your router presents on the Web Portal, I advise you only trust this certificate for SSL, however you do have the ability to trust the certificate indiscriminately if you need to.
7. Click the window icon to close the "Get Info" tab. You will be prompted to enter your MacOS Administrator credentials. Entering the credentials will save your new certificate trust configuration in the MacOS System Store for all MacOS users.
8. Restart your web browser and navigate to the Web Portal. Your browser should now trust the certificate that is presented without issues
03-11-2020 07:37 AM
Hi Poe,
Works fine with Google Chrome, now I can access the router ( unsecured connection).
No change for Safari ("Connection not private" and no access).
Any idea for Safari?
Nevertheless thanks.
PP
03-12-2020 11:09 AM
Hello,
I apologize, but I'm unsure why a certificate that is trusted at the system level similar to how I instructed would be trusted by one browser and not the other.
I advise that you clear all website data/ history in Safari as a troubleshooting next-step.
03-18-2020 02:27 AM
At least in the case of the Firefox browser, it doesn't use any of the underlying OS certificates - Firefox comes with its own set of Root CA certs as well as user-added certs. This means that if you browse to a site with Firefox, you may or may not have the same experience as other browsers that use the OS certificate store (e.g. Windows IE/Edge and Chrome)
03-20-2020 09:02 AM
Hi Arne,
Thanks for the Firefox-tip.
Now I am facing another problem: 502 Bad Gateway after upgrading from 1.
3 to 1,5 . I found a procedure for solving this problem.
Thanks,
PP48133
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: