5. Correct webgui SSL cert management techniques

Correct webgui SSL cert management techniques

  • S

    Hello,  I would like to know what the recommend procedure is to handle SSL certs when multiple firewalls are being deployed using the same configuration backup.

    In the 1.2 era I just didn't worry about the ssl certs, the self signed certs that the firewall generated for itself worked just fine for all the firewalls I deployed and I never had any trouble accessing them.

    With version 2.0 I keep running into the firefox sec_error_reused_issuer and serial error when I import a configuration backup and try to setup a firewall for a new site.

    I don't really understand what the fundamental change is that caused the behavior change.  Is it because in the 1.2 series, the CA was regenerated after a configuration import, so the issuer and serial number were always different?  In 2.0 the CA stays with the backup config, so if I create a new cert on firewall A and Firewall B, they both have the same serial number since they are both using a copy of the same CA?

    I would appreciate some suggestions on the easiest way to deal with this.
    Thanks
    Josh

    0
  • C

    1.2.x and before, like m0n0wall, don't generate certs, they use a single hard coded one.

    Not sure offhand what you're seeing there.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy