aaa rules certificate address mismatch problem

Unanswered Question
Jun 28th, 2010

I have several web sites with different names that are protected by aaa rules and external radius server against which user must authenticate. Problem is that when fw send its page with username and password, browser reports certificate address mismatch, because ther is difference between site name in ASA self signet certificate and site that is accessed. Is there a way to avoid this by some config in ASA. I know it is possible to turn off this check in IE, but thi is not preffered way for solving this.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marcin Latosiewicz Tue, 06/29/2010 - 10:14


I've played long time ago and only in the lab with CTP so I was never bothered by warnings.

What do you have configured?

Did you try using redirect with listener?

Do you have secure client enabled?

I'm not sure if even installing a proper cert on the ASA/PIX will help.


draganskundric Thu, 07/01/2010 - 10:44

we solved it by using identity

certificate on ASA that has all server names that are accessed, stated in CN of certificate, a

nd this is working


This Discussion