About Certificate Warning Messages - Colubris Networks CN3000 Administrator's Manual

Chapter 10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SSL certificates - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 10

About certificate warning messages

The default certificate installed on the CN3000 is not registered with a certificate
authority. It is a self-signed certificate that is attached to the default IP address
(192.168.1.1) for the CN3000.
This results in the following warning message each time a web browser attempts to
validate the certificate:
This warning will occur:
• before the public access interface login page appears in a customer's web browser
• before the management tool login page appears in an administrator's web browser
If you are using NOC authentication, it may also cause an error to be reported to the
login application
There are three types of possible warnings in the Security Alert:
1. The security certificate was issued by a company you have not chosen to trust.
2. The Security certificate date is valid.
3. The security certificate has a valid name.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 194 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(page 177). The login application can choose to ignore this error.
This indicates that your browser has no knowledge of the certificate and treats it as if
it cannot be trusted. The warning is caused by not having a CA certificate in the
browser that can validate the certificate provided by the CN3000.
To eliminate this warning message, you can install a new certificate as described on
page 207.
Signifies that the operating system's date is within the range of beginning and end
dates specified in the security certificate. Certificates have a limited lifetime and
must be renewed and replaced before they expire or else warnings will appear in the
browser.
This refers to the domain name listed in the "subject" field of the security certificate
that matches the domain name of the URL that you're attempting to go to. By default
the name in the "subject" field of the certificate installed in the CN3000 also
becomes the domain name of the CN3000 and is resolved by the CN3000 itself.