firefox 3 (rc1) and ie7 doesn't like IRPT demo cert

Unanswered Question
May 19th, 2008
User Badges:

well i am sure you all tried ie7 w/ web gui on ironport. they dont like it.
firefox 3 rc1 actually requires u to add it to exclusion site...or maybe turn off some cert checking...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jaigill Mon, 05/19/2008 - 19:33
User Badges:
  • Cisco Employee,

The Ironport ESA is shipped with a self signed demo cert. As a result of this most browser will generate cert errors. These errors will go away if you purchase a cert from a know CA(Verisign, Thwate, etc.).

Bart_ironport Tue, 05/20/2008 - 09:06
User Badges:

Or alternatively, create your own internal CA and distribute its root certificate to the clients. You can then use that CA to generate a certificate for your ironport, and any other internal ssl sites you may have.
If its just for the management interface, that should be sufficient.

Firefox 3 has indeed made it very complex to access websites with self-signed or expired certificates. Not a bad thing, people always click OK without reading, but it will prevent joe average from accessing any websites with self-signed certificates.


This Discussion