How do I extend the validity of the certificate used to log in to the Management Console?

Solution

Overview

[Detail]

Self-signed ProxySG-generated certificates have validity of 2 years since SGOS5.3.

This includes 'default' and 'passive-attack-protection-only-key' certificates.

Management Console login uses the "default" certificate.

The reasoning is convenience  vs. security.

 

[Resolution plan 1]

If you want a certificate that is valid for 10 years, you can obtain a keyring/certificate from an external Certificate Authority (CA) and import it into the ProxySG appliance.

 

[Resolution plan 2]

Even if your certificate expires, you can log in to the ProxySG appliance. You can generate a new self-signed key for the appliance.

You can remake the key for the Management Console by selecting Configuration>SSL>Keyrings.

Add the newly created key by selecting  Configuration>Service>Management Service>HTTPS-Console>Keyring.

This extends the validity of the certificate for two years.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1149
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat