Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RV042 browser certificate errors when logging into web-based gui

I have set the RV042 up for QuickVPN access.  The router config recommends turning HTTPS on in the firewall when using QuickVPN.  The side effect to this is any web browser throws me certificate errors and warns me not to continue logging in to the router's config.  How do I fix this so the browser does not throw these messages?

Router is Linksys-branded, using latest firmware for this hardware (1.3.13.02-tm)

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

RV042 browser certificate errors when logging into web-based gui

Hello Tim,

Looking into this issue deeper it is due to the certificate being issued to cisco.com domain which you don't own. And when you connect to your router most likely with your own domain name or ip address it compares that information with the information stored in the certificate. Since it will never match it through's an error. The RV0xx series routers are not able to install 3rd Party certificates, so this will not be able to be resolved in their current release. I am not aware of any decision to change the code to resolve this issue. The RV220W and SA500 series routers do have the ability to install a third party certificate. The SA is the only other model that has the ability in the Small Business line to do dual WAN.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

14 REPLIES
Bronze

RV042 browser certificate errors when logging into web-based gui

Hello Tim,

When using HTTPS with the RV042, the router will use a self-signed certificate. Most web-browsers will advise against going to any webpage with a self-signed cert. If you would like to avoid this, you can add the router's address to your browser's trusted list.

New Member

RV042 browser certificate errors when logging into web-based gui

Hi Robert,

I went into Internet Options->Security Tab->Trusted Sites and added the router's IP address, but when I navigate to said IP in IE9, I still get the warning.  As a trouble-shooting step, I rebooted and tried again, but still no luck.

It seems that if I were to import the cert into Internet Options->Content->Certificates, that would alleviate the problem, but I don't know how to obtain the RV042's self-signed cert into a format that I could import into IE9.  Any suggestions?

Bronze

RV042 browser certificate errors when logging into web-based gui

Hello Tim,

Since Cisco.com is not a trusted root authority. To install the certificate you will have to added it to your trusted root authority folder. There should be an option when adding the certificate to browse to the appropriate folder.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

New Member

RV042 browser certificate errors when logging into web-based gui

Thanks, Randy. 

I still do not know where to find the Cisco.com certificate.  The Certificate Import Wizard in Internet Options does allow me to browse to other folders, but I don't know where to browse to in order to import the Cisco certificate.  It looks like the Certificate Import Wizard accepts only certain file extensions: .cer, .crt, .pfx, .p12, .stl, .crl, .sst, .spc, and .p7b.

New Member

RV042 browser certificate errors when logging into web-based gui

Same problem on my rv042. I had to downgrade the V1 to get around this problem. But the V3 rv042 allways brings up this requester.

Can I get a firmware without this "feature" ? I use remote administration from many different browsers (smartphone), so this is very annoying without a real security benefit.

Bronze

RV042 browser certificate errors when logging into web-based gui

Tim,

Top of the IE page you should have a red broken lock looking thing right click on the icon and choose to view the certificate from there you can install it.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

New Member

RV042 browser certificate errors when logging into web-based gui

Thank you, Randy.  I found it.  Only problem is it didn't work.  I imported the cert into Trusted Root Certification Authorities (I can see it in there, so I know the import took place), but still get the error when connecting to the router through IE9.  It says:

There is a problem with this website's security  certificate.

The security  certificate presented by this website was issued for a different website's  address.

Security certificate  problems may indicate an attempt to fool you or intercept any data you send to  the server.

We recommend that you close this webpage and do not  continue to this website.

Recommended iconClick here to close this  webpage.

Not recommended iconContinue to this website (not  recommended).

There is a problem with this website's security certificate.

The security certificated presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

We recommend that you close this webpage and do not continue to this website.

Bronze

RV042 browser certificate errors when logging into web-based gui

Hello Tim,

Looking into this issue deeper it is due to the certificate being issued to cisco.com domain which you don't own. And when you connect to your router most likely with your own domain name or ip address it compares that information with the information stored in the certificate. Since it will never match it through's an error. The RV0xx series routers are not able to install 3rd Party certificates, so this will not be able to be resolved in their current release. I am not aware of any decision to change the code to resolve this issue. The RV220W and SA500 series routers do have the ability to install a third party certificate. The SA is the only other model that has the ability in the Small Business line to do dual WAN.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

New Member

RV042 browser certificate errors when logging into web-based gui

Thanks, Randy.  It looks like this feature was introduced in the latest firmware, as I did not have this problem prior to flashing about a month ago.  It's more annoying than anything else, so I guess I just have to live with it.

Cheers,

Tim

New Member

RV042 browser certificate errors when logging into web-based gui

But what should I do with the V3 of the Rv042 ?

Can I also downgrade to get rid of this feature ?

BTW: When visiting this forum, I also get complaints about invalid certificates mcctags.cisco.com.

          I would not expect this kind of warnings in a cisco-site.

New Member

RV042 browser certificate errors when logging into web-based gui

I too am having the same problem with my RV042 routers.  I have 5 of them installed on different domains.  The oldest one has firmware 1.3.8.2, and that is the only one that does not present this certificate error.  Any other router has firmware 1.3.12.6 or older.  I must have HTTPS enabled in order to use the VPN client so it is a real pain.  You would think that Cisco would have a fix for this problem.

New Member

RV042 browser certificate errors when logging into web-based gui

Same problem here, any solution????

New Member

Hi Randy,This issue with the

Hi Randy,

This issue with the RV042G not accepting 3rd party certificates is still present in the v4.2.3.06 firmware. Chrome and other browsers are now refusing to connect to the router without an override option as allowed previously, giving the error "Server has a weak ephemeral Diffie-Hellman public key". This is no longer a nuisance, but is now defect status and needs to be addressed as it has been in Cisco's other products. Is there any word on when this might happen?

 

Thanks,

Doug

New Member

Hi Doug,I started a new

Hi Doug,

I started a new discussion https://supportforums.cisco.com/discussion/12600331/rv042-w-firmware-42306-server-has-weak-ephemeral-dillie-heffman-public-key. Agree that this has become a defect and hope it's addressed quickly.

 

John

8850
Views
5
Helpful
14
Replies
CreatePlease to create content