ACS version 4.1 certificate problem

Answered Question
Mar 25th, 2009

Our self-signed certificate has expired and I attempted to install a valid certificate from our internal CA. The generation of the CSR, addition of our internal CA as a valid root, import and installation of the new key all seemed to go without a hitch. However, when I restarted the services to activate the new cert I was no longer able to access the server via the web interface.

Connecting through the console lets me see that everything is apparently working fine, but I can't manage the server through the web, and therefore cannot add/delete/modify and entries.

Attempted to update the certificate on the second ACS using a self signed certificate, and it also updated without problems, but the web interface does not work for that system either.

I need some guidance in how to get the web interface working.

Correct Answer by Robert.N.Barrett_2 about 7 years 10 months ago

Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?

Have you tried using http: instead of https:?

Have you tried a different browser?

Is your ACS running on Windows, is it the appliance, or ???

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
bclough Wed, 04/01/2009 - 09:43

The link provides the instructions that I followed that created the problem on one of my servers. Specifically, creating a new self-signed certificate. What I need is a way to get the GUI interface working again. It hasn't worked since changing the certificate, and the "enable guiadmin" did not have any affect.

Correct Answer
Robert.N.Barrett_2 Wed, 04/01/2009 - 15:16

Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?

Have you tried using http: instead of https:?

Have you tried a different browser?

Is your ACS running on Windows, is it the appliance, or ???

bclough Wed, 04/01/2009 - 15:39

I tried HTTP and it allowed me access. I was then able to verifiy that the new certificate was valid and change the interface over to HTTPS.

Very stange, since I would swear that I had tried that before. It did take a long time for the HTTP page to come up, and maybe I didn't have the patience to wait long enough last time.

Thanks for the suggestions, and the solution.

Actions

This Discussion