This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.
The Dynamic certificate used by default for sign-in pages doesn’t have a SubjectAltName value, only the Appliance’s hostname.
If you have multiple DNS names for your Smoothwall appliance, you’ll see a certificate error in the browser stating that there is a missing Subject Alternate Name. This shows when signing into Smoothwall as an Administrator via HTTPS, through the User Portal or as an end user via the SSL Login page.
To prevent this error, change the certificate used for HTTPS user-facing services:
-
Create another certificate under the Default Certificate Authority.
- Clear the Authority checkbox to make a standard Server Certificate.
- Ensure you select Advanced to add the Alternate names.
- Select the User facing HTTPS Services link or go to System > Preferences > User interface.
- In the Certificates section, change the User-facing HTTPS services and Admin UI fields to use the new certificate.
- Select Save.