This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL CERTIFICATE INSTALLED SUCCESSFULLY BUT STILL GETTING BROWSER HTTPS WARNINGS

Hi experts, I am trying to install a SSL certificate that we bought from a certificate authority, This certificate is working very fine in some Windows Server that we have, which is using IIS 7 and IIS 10 as the web servers. I made a backup of the certificate when I received it from the CA, the backup contains certificate plus key, in a PKCS#12 file format, which is also imported with a passsword. What I did first was upload the file; I went in WEBSERVER PROTECTION > CERTIFICATE MANAGEMENT > CERTIFICATES, I hitted "+ New Certificate..." button, putted a name, and I choose the Method as UPLOAD, then I searched from the certificate file, put my password and saved. The upload of the certificate was made fine, no problem or warnings was poped. The second step I made was went to the MANAGEMENT > WEBADMIN SETTINGS > HTTPS CETIFICATES, in option "Choose WebAdmin certificate", in the certificates container, I choosed the newly uploaded certificate, and clicked in "Apply". once again, no errors or warnings. The problem is: even with no errors in the certification import to the UTM, the web browser still showing security warnings, as you guys can see in the print below, the certificate is valid but the message that appears is that the connection is not safe. Any idea? Thanks in advance.

 

Sophos UTM v. 9.701-6

 



This thread was automatically locked due to age.
Parents
  • Hi Antonio,

    according to your screenshot you have a wildcard certificate for *.pi.senac.br. but you tried to access the name fwa01.adm.pi.senac.br which is not covered by the wildcard (and so the browser gives you the warning). Reason see https://en.wikipedia.org/wiki/Wildcard_certificate (... wildcard only covers one level of subdomains.)

    Solution, change the hostname of the firewall e.g. to fwa01-adm.pi.senac.br or use a letsencrypt cert for the hostname.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

Reply
  • Hi Antonio,

    according to your screenshot you have a wildcard certificate for *.pi.senac.br. but you tried to access the name fwa01.adm.pi.senac.br which is not covered by the wildcard (and so the browser gives you the warning). Reason see https://en.wikipedia.org/wiki/Wildcard_certificate (... wildcard only covers one level of subdomains.)

    Solution, change the hostname of the firewall e.g. to fwa01-adm.pi.senac.br or use a letsencrypt cert for the hostname.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

Children
No Data