Results 1 to 8 of 8
  1. #1
    Newbie
    Join Date
    Jan 2020
    Posts
    4

    Default Untangle-IP-Add/cert gives the wrong CA!

    I've been wanting to use the SSL inspector for a long time. I just learned that I can use untangle-ipadd/cert which would make it easy to put the certs on all 20+ devices in my house. I've generated a new Server certificate and no matter what when I go to untangle-ipadd/cert I'm served a CA that I no longer even have on the FW. Where is this file stored so I can replace it with the correct cert? Or is there a way I can fix this otherwise? I deleted the SSL cert cache and that didn't help. I rebooted the FW but that didn't help. Right now I have to turn SSL inspector off as getting these certs on all the various mobile and streaming devices is not an easy task.

    Thank you for any help.
    -Maglin

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,516

    Default

    The Certificate Authority is generated by the Untangle, not the one added by the user for HTTPS.

    it is configured in /admin/index.do#config/administration/certificates
    Last edited by jcoffin; 01-10-2020 at 02:08 PM.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Jan 2020
    Posts
    4

    Default

    So maybe the real issue is I can't complete the Certificate Authority creation. I've done that about 10 times and I still get my old one from back in August. I create it and I get a pop-up that says "Certificate Authority generation successfully completed. Click ok to continue." except there is not ok anywhere to click. Clicking on save doesn't do anything for this as I've done that multiple times even though I've not changed anything in regards to what services are using what CAs. Here is an image of what I'm talking about. Untangle_Cert_gen.png

    I want to add that the CA being shown in the certification section is the one I generated but I'm only getting my old one when I go to 192.168.10.1/cert which is the real issue. I couldn't get to the folder location mentioned above as /admin doesn't exist in the root filesystem nor does it exist in the userspace as well. So I honestly have zero clues what that path was in regards to or where/what to do to get to it. I just want to delete these old CAs and serve the new ones. Thank you.
    Last edited by Maglin; 01-11-2020 at 10:54 AM.

  4. #4
    Master Untangler Sam Graf's Avatar
    Join Date
    Feb 2016
    Location
    Michigan
    Posts
    928

    Default

    Quote Originally Posted by Maglin View Post
    I couldn't get to the folder location mentioned above as /admin doesn't exist in the root filesystem nor does it exist in the userspace as well. So I honestly have zero clues what that path was in regards to or where/what to do to get to it.
    I'm sorry I can't help you with your problem (I always use the CA Untangle generates at installation), but just to clarify, that path is jcoffin's way of directing you to the appropriate place in the administration UI. That's a browser path, not a file system path.
    Jim.Alles likes this.

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,516

    Default

    The command line changes are not supported. Post a screen capture of the entire web page at <your lan ip>/admin/index.do#config/administration/certificates
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Newbie
    Join Date
    Jan 2020
    Posts
    4

    Default

    Ahhhh... loL That's where you do all certificate management and where I've spent the last two days. Here is the requested screenshot. Again it's not the CA. It's the 192.168.10.1/cert that is the problem. It keeps serving the old cert with my old hostname. I ever reran the startup wizard hoping it might resolve it but nope. Here is the screen shot.

    2020-01-11 16_12_03-Untangle - untangle.png

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,516

    Default

    When you click Download Root Certificate Authority, is it the right one?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Newbie
    Join Date
    Jan 2020
    Posts
    4

    Default

    yes, that cert will work.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2