Cannot regenerate Webadmin CA

Question

Hi All,

I have installed 9.201-23 today on one customer site. I am not able to fix Webadmin Certificate issue. As you can see from screenshot, the CA is valid from 04/12/2014, because BIOS data was wrong. Now, I regenerated the certificate throught webadmin console > Webadmin Setting and also I tried with Web Server Protection. I do not want to erase all the configuration today(many packet filtering rules).

Is there a way to regenerate Webadmin CA Certificate?

Thank you all!

Luciano

This thread was automatically locked due to age.

GMF · Answer

For WebAdmin:

To regenerate the CA proceed as follows:
1.Login to the shell of the UTM first as loginuser and then get root: su -
2.Now type in the following command to open the ConfdClient: cc
3.Within the ConfdClient type use the command: RAW
4.Now regenerate the CA with:

ca_generate_signing_ca({name=>'webadmin ca', key_size=>2048, country=>'CountryAcronym', state=>'StateName', city=>'CityName', organization=>'OrganizationName', common_name=>'UTMhostname', email=>'mailaddress@maildomain.com'})

Note: Adapt the country, state, city, organization, common_name and email strings to your own UTM settings (country field must be in caps - eg. CA, DE)

The result should be result: 'REF_CaSigWebadminCa2'

5.Next step is to switch to Main Mode: MAIN
6.Navigate to: webadmin
7.Now type in: ca$
8.The last step is to assign the new CA to the WebAdmin with: =REF_CaSigWebadminCa2
Note: The result should be 1.

Next step is to re-generate the certificate for WebAdmin with the new CA, proceed as follows:
1.Navigate to 'Management | WebAdmin Settings | HTTPS Certificate'.
2.In the area Re-generate WebAdmin certificate click 'Apply'.

The WebAdmin certificate will be regenerated. Your UTM will reload automatically and you will have to re-login.