NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Invalid Certificate.
I have a ReadyNas Duo V2 accessed with FF v23 on Win7 x64.
When the nas was first installed, it was given an ip address of 192.168.0.157. Standards are devices get addresses below 120 so it was static dhcp'd to 192.168.0.7. Now, every single time FF and chrome both complain the security certificate is invalid. I have tried a variety of things offered from other threads, but none seem to work.
My question is:
1. Is there any way to permanently store the certificate for FF and/or chrome so the certificate is accepted?
2. Is there a way to get the Readynas to recreate the certificate for the current ip address?
Thanks (and I can't believe this is still and issue with Netgear).
Cliff.
When the nas was first installed, it was given an ip address of 192.168.0.157. Standards are devices get addresses below 120 so it was static dhcp'd to 192.168.0.7. Now, every single time FF and chrome both complain the security certificate is invalid. I have tried a variety of things offered from other threads, but none seem to work.
My question is:
1. Is there any way to permanently store the certificate for FF and/or chrome so the certificate is accepted?
2. Is there a way to get the Readynas to recreate the certificate for the current ip address?
Thanks (and I can't believe this is still and issue with Netgear).
Cliff.
11 Replies
Replies have been turned off for this discussion
- Well, you can regenerate the certificate by going to the https service in the GUI. Enter the current IP address of the NAS.
Then in chrome you should be able to add the certificate in advance security settings.
Firefox - should have similar security settings are where you can add certificates. - You can certainly tell FF to create a permanent security exception - I have done that. It doesn't actually store the certificate in that case, instead it just remembers that there is an exception. IT will then take you directly to the web page with no fuss.
With Chrome, I believe all certificates need to be installed by the native browser (IE in the case of Windows).
This is not a Netgear issue btw - it is inherent to all self-signed certificates The only thing Netgear to do to prevent this is to not allow https at all.
BTW - I deleted the duplicate thread... - Vandermere, is there some reference I could use to recreate the certificate? If you could point me in the right direction I'd appreciate it.
- StephenB, I have tried to coax FF to save the certificate, but it doesn't stick. Same with chrome. The certificate is still signed from the original .157 address, not the current .7 address. Not allowing a change in the ip address is definitely a defect with the Netgear software.
1 We should use https for increased security.
2 We'll create a certificate that becomes useless minutes after installation and not have a simple method to update the certificate.
3 We'll just tell folks to not worry about the invalid certificate, just click through it. (see step 1) - FireFox first gives you
"This Connection is Untrusted"
Technical Details arex.x.x.x uses an invalid security certificate.
The certificate is not trusted because it is self-signed.
The certificate is only valid for y.y.y.y
(Error code: sec_error_untrusted_issuer)
Then you click on "I understand the risks", and "add exception".
That brings up a pop-up
"You are about to override how FireFox identifies this site"
Then check "permanently store this exception" at the bottom, and click the "Confirm Security Exception"
As I mentioned, this is not storing the certificate, it is creating a permanent exception specific to that site. If you access the NAS multiiple ways (IP address and various names) you need to do this process for each name/ip. - Have you regenerated the certificate with the correct IP address. You need to enter the IP address in a field within the window that opens when you click on https settings
- I think you find the https settings in Configure, System, Services, https.
Once you've done this make sure you clear your browser cache.
You may need an OS reinstall as well if the above doesn't work.
If you access the unit in different ways, what exactly do you mean - even an IP address and a name are only 2 exceptions to add. You should only have to do this all once. vandermerwe wrote: If you access the unit in different ways, what exactly do you mean - even an IP address and a name are only 2 exceptions to add. You should only have to do this all once.
Local name, local IP, ddns name... At least 3, and if you have a static external ip address, possibly 4. I agree you only need to do this once on each machine.vandermerwe wrote: Have you regenerated the certificate with the correct IP address. You need to enter the IP address in a field within the window that opens when you click on https settings
I'm an idiot. I have no idea how to regenerate the certificate. Do I generate this from FF or from Readynas?vandermerwe wrote: I think you find the https settings in Configure, System, Services, https.
Once you've done this make sure you clear your browser cache.
You may need an OS reinstall as well if the above doesn't work.
...
You do it from readynas:
Go to Configure, System, Services. Then I think right click on https (it should already be activated). You should then see something that allows you to verify/change the ip address of the nas for the certificate, and something to regenerate it. This is the way it works in all of the other readynas operating systems so i assume it will be the same for 5.3.8
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
