08-17-2017 02:15 PM
Hello, I'm curious where you install the certificate for the S300V 10.5.1-296 so you can administer the device in firefox without a certificate error.
We have a working S170 on 10.1.1, but the Network > Certificate Management page has an additional "Appliance Certificates" section on the new virtual WSA running 10.5.1. I generated a request, submitted it to our domain CA, converted it to PEM format with OpenSSL and installed it. It appears recognized, however even after a virtual appliance reboot, firefox claims the site is not trusted. Firefox still shows the certificate is issued to CN Cisco Appliance Demo Certificate.
What am I missing?
I tried to just import the settings from our S170 on 10.1.1, but get this:
Configuration File was not loaded. Parse Error on element "https_certificate" line number 162 column 22: Error in certificate validation: Certificates signature verification failed.
So I had to go to line 162 and remove the https_certificate section in order to get the settings to apply. I have no idea why.
Oddly, or Domain root cert is applied in the HTTPS proxy section, so the cert data starting on line 162 on the config xml file was not that one.
Solved! Go to Solution.
08-17-2017 03:48 PM
I'm pretty sure it's in the CLI
Certconfig is the command that's coming to mind.
08-17-2017 03:48 PM
I'm pretty sure it's in the CLI
Certconfig is the command that's coming to mind.
08-22-2017 08:44 AM
Yes I was able to get the cert loaded via the web gui, but I had to activate (choose it) via SSH connection (CLI). Even once this was done and committed, the certificate did not actually change until I rebooted the virtual appliance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide