Management Center failed to initiate a secure connection to the device: CERTIFICATE_ERROR
search cancel

Management Center failed to initiate a secure connection to the device: CERTIFICATE_ERROR

book

Article ID: 267883

calendar_today

Updated On:

Products

Management Center Management Center - VA

Issue/Introduction

Edge SWG (ProxySG) Admin Console fails to display various sections of the configuration (e.g. Advanced URLs, routing table):

Environment

  • Edge SWG (ProxySG) is managed from Management Center using Admin Console
  • Management Center is configured to use SSL Context

Cause

This error may be observed if certificate used by Edge SWG (ProxySG) is not trusted by Management Center. 

Resolution

To resolve the issue we can either remove SSL Context configuration or use Context that does not have any CCL configured (e.g. https-console)

 

Additional Information

Global SSL Context configuration can be found under Administration -> Device Communications:

 

To verify whether SSL context is configured with CCL, you can use the following command:

MgmtCtr(config-ssl)# view ssl-context https-console
Name:           https-console
Keyring:        default
CCL:            <None>
Protocols:      tlsv1.2
Cipher suites:  ecdhe-rsa-aes256-gcm-sha384 ecdhe-rsa-aes256-sha384 ecdhe-rsa-aes256-sha dhe-rsa-aes256-gcm-sha384 dhe-rsa-aes256-sha256 dhe-rsa-aes256-sha aes256-gcm-sha384 aes256-sha256 aes256-sha ecdhe-rsa-aes128-gcm-sha256 ecdhe-rsa-aes128-sha256 ecdhe-rsa-aes128-sha dhe-rsa-aes128-gcm-sha256 dhe-rsa-aes128-sha256 dhe-rsa-aes128-sha aes128-gcm-sha256 aes128-sha256 aes128-sha

NOTE: If CCL is set to <None> certificate trust will not be validated when Management Center is communicating with Edge SWG (ProxySG)

Powered by Wolken Software