Re: SG300 WebGUI URL-Rewrite

Christian Woegerbauer · ‎04-07-2020

Recently imported a SSL certificate (*.domain.tld) to a SG300 Switch. Worked fine, certificates shows up with the correct name in the SSL Server Key Table (Security - SSL Server - SSL Server Authentication Settings).

But when i enter the URL https://switchname.domain.tld in the browser the switch rewrites it to https://IP-address-of-switch and the browser shows a (correct) certificate warning. With this behaviour it makes no sense to import named certificates.

Does anybody knows a solution to this problem/wrong behaviour of the switchs internal webserver?

Thanks,

Woger

agekov · ‎04-15-2020

Hello @Christian Woegerbauer,

Hope you are doing well!

My name is Anton and I am part of the Cisco SMB Support!

From your description I conclude that you have successfully configured certificate on the switch which is a self-signed certificate. Since it is not issued by trusted CA browser will treat it as non trusted and will issue this warning message. I can recommend two options:

1. To generate Certificate Request ( CSR ) to a trusted CA which usually costs some expenses.

2. Try to export the self-signed certificate you have created and include in the browser trusted certificates which hopefully will bypass the SSL certificate warning.

Kind Regards!

Anton Gekov
Technical Consulting Engineer – Level 1
Global CX Centers – Small Business Support

Christian Woegerbauer · ‎04-15-2020

Hello Anton!

No, as i wrote it's not a self signed certificate. It's a valid certificate signed by a trusted CA.

And the problem is all about the URL-Rewriting the FQDN to IP of the switch when the WebUI is accessed from a browser.

Regards,

Woger

mihail_ip · ‎04-18-2020

Hello Christian,

What is the firmware version?

Regards,

Mike

Christian Woegerbauer · ‎04-20-2020

Hello Mike!

Firmware is the latest 1.4.11.4

Regards,

Chris