09-22-2012 03:26 AM
After doing a firmware upgrade yesterday, from the v1.0.3.5 to the latest v.1.0.4.17 I suddenly get the following error, when trying to login into my Cisco router:
Something about a security certificate being wrong(having same serial number as another one). Using MS Explorer 9 I can still "force" acces to the login menu, but obviously this shouldn't be necessary and I would like to get my router working properly.
The update procedure was as follows: Download latest firmware file. Acces firmware upgrade menu in the router and selected the file. Waited couple minutes undtil the "countdown" reached zero. Got an acces error. Tried doing an windows network repair(because of a network notification error). Then tried accesing the internet and it worked(I think it did before the repair also). Did a network repair again, was advised to try and switch the router off-on again. did that...don't get any small notification error icons on the network acces icon anymore. But I still get the error about wrong security certificate, when I try and acces the Router login menu.
Any help or info would be appreciated! :-)
Cheers!
Ps: The error pop-up window is in danish!
09-22-2012 09:48 AM
Hello Daniel
tried to delete the old certificate store firefox???
cordially
Thierry
09-22-2012 11:00 AM
Thanks for the suggestion Thierry!
But after looking around, the only real fix seems to be to get a new Cisco certificate, but I currently don't know how to get that. Is there a guide that Cisco recommends or that proved working for others?
I have tried out the suggestions from this site = http://answers.microsoft.com/en-us/ie/forum/ie9-windows_7/i-continually-get-a-security-certificate-error/273f6629-bedb-492a-a355-967c62e8fa3e?msgId=9b37326c-8349-4cf8-98f7-888b66359c6d but to no luck. I succesfully installed a new certificate, but still get the certificate error. Problem is, as I understand it, that the certificate I'm using has same publisher and owner, and they should be different....under "normal" circumstances, it would be considered ID fraud and a possible security threat and is treated as such by IExplorer and Firefox!
I also found a post from another user on this forum, warning about upgrading to this latest firmware, and he seems to mention my issue too. Here's the quote about my issue:
Joergen Thomsen wrote:
.....
2) The firmware is released with a reissued certificate with the same serial number.
This is bad practice and should simply not happen
It is preventing access to the router from e.g. the Firefox browser.
Old Certificate:
Data:
Version: 4 (0x3)
Serial Number: 14872231 (0xe2eea7)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=588D09E2EEA7, OU=RV220W, O=Cisco Systems, Inc., C=US
Validity
Not Before: Mar 13 02:40:08 2009 GMT
Not After : Mar 11 02:40:08 2019 GMT
Subject: CN=588D09E2EEA7, OU=RV220W, O=Cisco Systems, Inc., C=US
New Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14872231 (0xe2eea7)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=588D09E2EEA7, OU=RV220W, O=Cisco Systems, Inc., C=US
Validity
Not Before: Jan 1 00:00:15 2011 GMT
Not After : Dec 29 00:00:15 2020 GMT
Subject: CN=588D09E2EEA7, OU=RV220W, O=Cisco Systems, Inc., C=US
You can find his thread here = https://supportforums.cisco.com/message/3715375#3715375
Would be nice with a permanent fix to the issue! :-)
04-29-2013 03:39 PM
It's been seven months since this problem with the v.1.0.4.17 upgarde was posted. Has anyone found a fix to the "security certificate" error?
05-02-2013 01:09 PM
Don't count on a timely fix. This and every other Cisco "SMB" product is a steaming pile of bug riddled crap. We have maybe 10 of these deployed and none of them are stable enough to be considered VPN endpoints of any kind. I have gone round and round with Cisco support regarding numerous unfixed but well documented issues. We are in the process of moving customers to UTM devices that are more stable and backed by real support, not an overseas call center reading from a flow chart. We have had similar (worse) experiences with the UC-320 platform and most of the other SMB routers and access points. Threre is simply no excuse for products that are this bad, especially from a company with resources that run as deep as Cisco.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide