How do I extend the validity of the certificate used to log in to the Management Console?


<< Back to Knowledge Search

Solution

Overview

[Detail]

Self-signed ProxySG-generated certificates have validity of 2 years since SGOS5.3.

This includes 'default' and 'passive-attack-protection-only-key' certificates.

Management Console login uses the "default" certificate.

The reasoning is convenience  vs. security.

 

[Resolution plan 1]

If you want a certificate that is valid for 10 years, you can obtain a keyring/certificate from an external Certificate Authority (CA) and import it into the ProxySG appliance.

 

[Resolution plan 2]

Even if your certificate expires, you can log in to the ProxySG appliance. You can generate a new self-signed key for the appliance.

You can remake the key for the Management Console by selecting Configuration>SSL>Keyrings.

Add the newly created key by selecting  Configuration>Service>Management Service>HTTPS-Console>Keyring.

This extends the validity of the certificate for two years.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1149
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 5.3
Topic      SSL / HTTPS
Article Number      000010409
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat