Summary
Getting certificate errors when accessing the Smoothwall administration UI over HTTPS.
Problem
When you connect your web browser to the Smoothwall’s web-based interface on a HTTPS port for the first time, your browser will display a warning that the Smoothwall’s certificate is invalid. The reason given is usually that the certificate was signed by an unknown entity or because you are connecting to a site pretending to be another site.
Solution
Unknown Entity Warning
This issue is one of identity. Usually, secure websites on the Internet have a security certificate which is signed by a trusted third party. However, the Smoothwall’s certificate is a self-signed certificate.
Note: The data traveling between your browser and the Smoothwall is secure and encrypted.
To remove this warning, your web browser needs to be told to trust certificates generated by the Smoothwall.
To do this, import the certificate into your web browser. The details of how this are done vary between browsers and operating systems. See your browser’s documentation for information about how to import the certificate.
Inconsistent Site Address
Your browser will generate a warning if the Smoothwall’s certificate contains the accepted site name for the secure site in question and your browser is accessing the site via a different address.
A certificate can only contain a single site name, and in the Smoothwall’s case, the host name is used. If you try to access the site using its IP address, for example, the names will not match.
To remove this warning, access the Smoothwall using the host name. If this is not possible, and you are accessing the site by some other name, then this warning will always be generated.
In most cases, browsers have an option you can select to ignore this warning and which will ignore these security checks in the future.
Neither of the above issues compromise the security of HTTPS access. They simply serve to illustrate that HTTPS is also about identity as well encryption.