03-25-2009 10:39 AM - edited 02-21-2020 10:23 AM
Our self-signed certificate has expired and I attempted to install a valid certificate from our internal CA. The generation of the CSR, addition of our internal CA as a valid root, import and installation of the new key all seemed to go without a hitch. However, when I restarted the services to activate the new cert I was no longer able to access the server via the web interface.
Connecting through the console lets me see that everything is apparently working fine, but I can't manage the server through the web, and therefore cannot add/delete/modify and entries.
Attempted to update the certificate on the second ACS using a self signed certificate, and it also updated without problems, but the web interface does not work for that system either.
I need some guidance in how to get the web interface working.
Solved! Go to Solution.
04-01-2009 03:16 PM
Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?
Have you tried using http: instead of https:?
Have you tried a different browser?
Is your ACS running on Windows, is it the appliance, or ???
03-31-2009 09:46 AM
Take a look at this link. It may help
04-01-2009 09:43 AM
The link provides the instructions that I followed that created the problem on one of my servers. Specifically, creating a new self-signed certificate. What I need is a way to get the GUI interface working again. It hasn't worked since changing the certificate, and the "enable guiadmin" did not have any affect.
04-01-2009 03:16 PM
Can you give us some more information about what happens when you try to access the server via a browser? What happens in the browser? Messages?
Have you tried using http: instead of https:?
Have you tried a different browser?
Is your ACS running on Windows, is it the appliance, or ???
04-01-2009 03:39 PM
I tried HTTP and it allowed me access. I was then able to verifiy that the new certificate was valid and change the interface over to HTTPS.
Very stange, since I would swear that I had tried that before. It did take a long time for the HTTP page to come up, and maybe I didn't have the patience to wait long enough last time.
Thanks for the suggestions, and the solution.
04-02-2009 01:36 PM
Awesome. Some of our certs will be expiring soon, and now I know what to watch out for!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide