NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
we could not verify the certificate: reason = untrusted
Hello,
Since 2 months, I'm not able to acces to my WAX.
On windows, Edge and Firefox return that message: "we could not verify the certificate: reason = untrusted" without the possibility to pass thrue.
I never change or set certificate.
Do you have an idee?
I finally found. It comes from Windows wireless setting. I switched from public to private setting and it's now ok!
Sorry for the picture in french
11 Replies
Hi,
I have the same issue.
Additionally:
It happens on one device (PC) and on all browsers (Firefox, Edge, Chrome). On my laptop I still can access the router. As said by Cofran268 it's a simple text message without the possibility to pass through. Tried IP of the router as well as routerlogin.net or orbilogin.com. Router is working fine, just cannot access the router settings on my pc.
SaHi wrote:
It happens on one device (PC) and on all browsers (Firefox, Edge, Chrome). On my laptop I still can access the router.
This tells me that that one device has some enterprise or business policies in place very likely.
SaHi wrote:
As said by Cofran268 it's a simple text message without the possibility to pass through. Tried IP of the router as well as routerlogin.net or orbilogin.com.
Netgear used to distribute private keys and PKI signed (Entrust) certificates with each device. Needless to say, this was a major security risk, because all or series from similar models came with the exact same private key (and cert).
Cofran268 wrote:
On windows, Edge and Firefox return that message: "we could not verify the certificate: reason = untrusted" without the possibility to pass thrue.
It's a self-signed certificate, (generated and?) loaded during the initial device installation.
In general, any browser does allow to accept (I don't say trust or the like) a self-signed certificate. The only exception might be with Enterprise-managed or -operated systems explicitly allowing correct PKI-signed certificates or similar.
Cofran268 wrote:
I never change or set certificate.
As of writing, Netgear does not offer the ability to update or replace the certificate and private key on the WAX6xx nor on the WAC5xx.
Hi Cofran268
We are aware of a similar issue when accessing the Orbi Pro admin page (SXR80 and SXR30) but I have not seen other reports of this issue happening on WAX600 series AP's.
To help debug further could you please provide the following:
1. Could you try to access the AP admin page using a different laptop, PC or mobile device and check if the issue is also observed there?
2. Is the AP managed only using the local admin page, or in Insight?
3. Do you see this issue on a single AP or multiple AP's?
4. Do you recall when the issue first appeared, if it coincided with any other event? i.e. AP firmware update, web browser update, Windows OS update?
Thanks
DavidGo
I tried on 2 differents Win11, same result. But it works with IOSTo help debug further could you please provide the following:
1. Could you try to access the AP admin page using a different laptop, PC or mobile device and check if the issue is also observed there?
2. Is the AP managed only using the local admin page, or in Insight?
The AP is manage using local admin page
3. Do you see this issue on a single AP or multiple AP's?
On multiple AP's
4. Do you recall when the issue first appeared, if it coincided with any other event? i.e. AP firmware update, web browser update, Windows OS update?
No, I cannot rememenber.
More information:
My Wax610 has the latest firmware
I tried to disable all functions of Bitdefender
Typical message from some intermediate security systems (programs, appliances, ...) - not something originating from the access point, which is almost certainly making use of the default self-signed certificate - which -of-course- can't be validated. In this example a SonicWall:
These are not problems with the managed system, no matter it's a security appliance, a router, a wireless access point. Figure out what wonderful security software does intercept the connection here -and- insert a text message into the https stream.
Strongly doubt this is something similar to the change in some of the browsers looking for certain certificate usage DavidGo
Said that: In case it's an issue with the https connection, certificate, ... these would be shown in the Web browser context, not as part of the Web page content (as shown before).
Hi Cofran268
I agree with schumaku here, it looks more like something is intercepting the traffic on Windows 11 devices and preventing from accessing the AP local admin page. The fact it also still works on iOS device points towards an issue specific on the Windows 11 machines.
I have tested here with Windows 11 (and Windows 10) and I am unable to reproduce the issue. Other than the security warning message which is expected, I can progress past it each time. Other than Bitdefender, is there any other security software (on the Win 11 devices) that could be blocking the access?... is Bitdefender totally disabled when testing?
schumaku yes I agree it is different than what we are seeing on Orbi Pro. It just rung a bell initially but agreed it is different here.
Thanks
David
I finally found. It comes from Windows wireless setting. I switched from public to private setting and it's now ok!
Sorry for the picture in french
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
