Re: RV320: no web ui access after change primary certificate

klaus_b28 · ‎09-07-2016

Hello,

i've created a new self signed certificate in web ui -> my certificate with a valid date range. Selcet the new created certificate and make it the Primary certificate.

The web ui signed me off and from this point i could'nt access the web ui anymore. I've reset the router (reset button pressed 10 seconds). The reset works, because the IP was set to factory defaults. But the primary certificate was'nt reseted. So i could'nt log in to the web ui.

The browser shows me the certificate warning. When pressing the ignore link on the warning page, nothing happens, but the ignore link is removed from the warning page. Tested with edge and ie11 on win10.

Is there any way to remove the current primary certificate and restore the factory default certificate without web ui access?

Model RV320
FW: 1.3.1.12

Kind regards,
Klaus

klaus_b28 · ‎09-23-2016

BUMP

bbx-cisco · ‎01-17-2017

That is exactly my problem! Just happened. I can't find any help on this. Did you figure it out? If not, I hold out hope someone will help us.

The problem was my own mistake. When creating the self-signed cert, I left the Cisco's default for Key length; it is 512. For security, most (all?) web browsers have been requiring at least 1024 length key to allow access. A year or two. I knew when I created my first cert a while ago, but forgot to change the default when I created the new cert and set it as Primary.

For me, the error is: SSL_ERROR_WEAK_SERVER_CERT_KEY

Some browsers do not bother to say anything except they cannot connect to server, IE for example. Firefox gives me the above error.

Factory Default didn't seem to clear it. I can't find the cert installed on my system. I cleared the browser's cert database, so it rebuilt a new one. Solutions I've found on the internet don't help. For example, for Firefox go into about:config and change some parameters.

it@sharadaclinic.com · ‎12-13-2017

RV320: No access to web interface after change primary certificate and also not reset it

if anyone have solution please tell me

email

@klaus_b28 wrote:

Hello,

i've created a new self signed certificate in web ui -> my certificate with a valid date range. Selcet the new created certificate and make it the Primary certificate.

The web ui signed me off and from this point i could'nt access the web ui anymore. I've reset the router (reset button pressed 10 seconds). The reset works, because the IP was set to factory defaults. But the primary certificate was'nt reseted. So i could'nt log in to the web ui.

The browser shows me the certificate warning. When pressing the ignore link on the warning page, nothing happens, but the ignore link is removed from the warning page. Tested with edge and ie11 on win10.

Is there any way to remove the current primary certificate and restore the factory default certificate without web ui access?

Model RV320
FW: 1.3.1.12

Kind regards,
Klaus

it@sharadaclinic.com

nilslef · ‎12-16-2017

Hi

I'm having the same problem. Did you guys find a solution by now? I have tried resetting the router to factory default using the reset button but it does not seem to reset the certificates, only the settings. Checking the RV320 emulator online, there are two options to reset to factory default, the regular reset and a reset that includes the certificates. Is there any way of triggering the second option without having access to the configuration utility?

Really hope someone can help.

Thanks!

it@sharadaclinic.com · ‎12-18-2017

Actions taken:
·         Tried different browsers, computers and cables.
·         downloaded Nmap to check open ports, 8007 was open
·         Tried to access GUI with 192.168.1.1:8007
·         GUI is accessible.
 


Download Nmap and check open ports to access GUI

Nmap - Zenmap GUI soft for port check
https://nmap.org/zenmap/


192.168.1.1:8007


Scanning 192.168.1.1 [1000 ports]

Discovered open port 80/tcp on 192.168.1.1

Discovered open port 53/tcp on 192.168.1.1

Discovered open port 1723/tcp on 192.168.1.1

Discovered open port 443/tcp on 192.168.1.1

Discovered open port 8443/tcp on 192.168.1.1

Discovered open port 8000/tcp on 192.168.1.1

Discovered open port 8008/tcp on 192.168.1.1

Discovered open port 8007/tcp on 192.168.1.1  <---- acessed by this port 192.168.1.1:8007 

try using all open port after scanning that soft

nilslef · ‎12-18-2017

Port 8007 did the job! Incredible there's no info about this on the web. Thanks!

it@sharadaclinic.com · ‎12-18-2017

Actions taken:
·         Tried different browsers, computers and cables.
·         downloaded Nmap to check open ports, 8007 was open
·         Tried to access GUI with 192.168.1.1:8007
·         GUI is accessible.
 


Download Nmap and check open ports to access GUI

Nmap - Zenmap GUI soft for port check
https://nmap.org/zenmap/


192.168.1.1:8007


Scanning 192.168.1.1 [1000 ports]

Discovered open port 80/tcp on 192.168.1.1

Discovered open port 53/tcp on 192.168.1.1

Discovered open port 1723/tcp on 192.168.1.1

Discovered open port 443/tcp on 192.168.1.1

Discovered open port 8443/tcp on 192.168.1.1

Discovered open port 8000/tcp on 192.168.1.1

Discovered open port 8008/tcp on 192.168.1.1

Discovered open port 8007/tcp on 192.168.1.1  <---- acessed by this port 192.168.1.1:8007 

try using all open port after scanning that soft