HTTPS management console certificate - setup and troubleshooting

book

Article ID: 170325

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

The HTTPS Console provides secure access to the Management Console through the HTTPS protocol.

This article explains how to set up a certificate for the HTTPS console as well as troubleshooting Certificate errors that appear in the browser when connecting to the Management console, as shown below.

Cause

This error may occur when the keyring used for the HTTPS console service is corrupted or expired. It can also be experienced if the certificate in question has not been downloaded and installed at the browser level.

Resolution

  1. Viewing available keyrings
  • The ProxySG appliance ships with a default keyring that can be reused with each secure console that you create. You can also create your own keyrings.
  • To view the list of Key rings in the appliance, and their expiration status navigate to "Configuration > SSL > Keyrings"

 

  1. Open HTTPS-console settings.
  • Navigate to Configuration > Services > Management Services > Select the HTTPS-console Service, click Edit.

 

  1. Set the keyring to be used for HTTPS-console.
  • In the Keyring field , click on the down arrow to select the chosen keyring.
  • Click OK
  • Click Apply

 

  1. Download the respective certificate to your local workstation

 

  1. Save certificate to the Browser.
  • The certificate needs to be imported to the Trusted Root Certificates Authorities in the browser certificate list or locally via the target workstation(s).
  • For instructions on importing certifciates refer to TECH241928.

 

  1. After restarting the browser/user-agent and accessing the proxy via the https-console (https://proxyIPaddr:8082/), the certificate error should not appear again.