cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
612
Views
0
Helpful
5
Replies

ACS version 4.1 certificate problem

bclough
Level 1
Level 1

Our self-signed certificate has expired and I attempted to install a valid certificate from our internal CA. The generation of the CSR, addition of our internal CA as a valid root, import and installation of the new key all seemed to go without a hitch. However, when I restarted the services to activate the new cert I was no longer able to access the server via the web interface.

Connecting through the console lets me see that everything is apparently working fine, but I can't manage the server through the web, and therefore cannot add/delete/modify and entries.

Attempted to update the certificate on the second ACS using a self signed certificate, and it also updated without problems, but the web interface does not work for that system either.

I need some guidance in how to get the web interface working.

1 Accepted Solution

Accepted Solutions

Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?

Have you tried using http: instead of https:?

Have you tried a different browser?

Is your ACS running on Windows, is it the appliance, or ???

View solution in original post

5 Replies 5

The link provides the instructions that I followed that created the problem on one of my servers. Specifically, creating a new self-signed certificate. What I need is a way to get the GUI interface working again. It hasn't worked since changing the certificate, and the "enable guiadmin" did not have any affect.

Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?

Have you tried using http: instead of https:?

Have you tried a different browser?

Is your ACS running on Windows, is it the appliance, or ???

I tried HTTP and it allowed me access. I was then able to verifiy that the new certificate was valid and change the interface over to HTTPS.

Very stange, since I would swear that I had tried that before. It did take a long time for the HTTP page to come up, and maybe I didn't have the patience to wait long enough last time.

Thanks for the suggestions, and the solution.

Awesome. Some of our certs will be expiring soon, and now I know what to watch out for!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: