NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

TheMegaMan's avatar
TheMegaMan
Aspirant
Mar 25, 2021

ReadyNAS Duo v2 certificate and general settings issues

Hi,   I've had my ReadyNAS Duo v2 on RAIDiator 5.3.13 for many years now, and it's nearly always been problem-free. I mostly use it as a music server for my Squeezebox players, so it's kinda valuab...
Sandshark's avatar
Sandshark
Sensei
Mar 25, 2021

Since the SSH certificate is self-signed, it's always going to create an error.  Some browsers have a way to set them to always ignore it on a specific address, which may be what you did.  But that's now set for the old IP address.  It is usually better to reserve an IP address in your router rather than use a static IP in the NAS, which I suggest you do.  You can always reserve the address you used to use.

 

The certificate expiration date should be in the future, though I don't know how far in the future it normally is set.  So I'm not sure why you think that's an error.

 

But as to why nothing you edit in the SSL host entry doesn't stay, I can't say.  Perhaps try re-installing the OS once more time after you have reserved the desired address in the router.

TheMegaMan's avatar
TheMegaMan
Aspirant
Mar 25, 2021

Thanks for the response.

 

Yes, I am aware of most of what you say. I am expecting a warning about the certificate, but Chrome seems really insistent that the certificate is invalid, and doesn't seem to want to just let me accept/save/ignore it. I had to switch to Safari to actually be able to ignore the problem.

 

Yes, the expiry date should be in the future, but I thought the certificate shouid only be valid for a few years, not 17 years. I think the NAS had corrupted the date and set the year to around 2030 when it created the certificate, hence the extended expiry date, but I don't actually see a creation date.

 

I'm assuming Chrome's insistence that it can't accept the certitifate is because either the dates are 'impossible', or that the IP address just doesn't match. Both are issues that should really be resolved.

 

Yes, I am now (and am happy to) reserve the required IP address in the router. No problem with that. I agree it's a better solutiuon, but my previous router (when I set the static IP address) didn't support that (that I'm aware of). Trying to configure the ReadyNAS to use a static IP address now was just an exercise in trying to get the certificate to work properly, and that's when I realised it wasn't actually making the change.

 

But yes, I will try to reinstlal the OS again, and see how I get on. And I guess if that doesn't make any difference, then a full factory reset may be the best option. Just trying the least destructive fixes first...

  • StephenB's avatar
    StephenB
    Guru - Experienced User
    Mar 25, 2021
    TheMegaMan wrote:

     

    Yes, I am aware of most of what you say. I am expecting a warning about the certificate, but Chrome seems really insistent that the certificate is invalid, and doesn't seem to want to just let me accept/save/ignore it.

    Normally there is an "advanced" control on the warning page - if you click on that, you can connect.  Chrome will remember that for a while, but you will need to navigate through the warning from time to time.

     

    Are you seeing the "Advanced" control?

    • TheMegaMan's avatar
      TheMegaMan
      Aspirant
      Mar 25, 2021

      I do, but it doesn't help. I have a link to Learn more (links to Chrome certificate help page) and buttons to 'Reload' and 'Show Advanced' (changes to 'Hide Advanced'). The advanced secion simpy states:

       

      192.168.1.82 normally uses encryption to protect your information. When Google Chrome tried to connect to 192.168.1.82 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be 192.168.1.82, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

      You cannot visit 192.168.1.82 at the moment because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

       

      There is no link to save/import/accept/ignore the cerrtificate.

       

      Cllicikng on the 'Niot Secure' warning on the URL line, I'm able to view the certificate details, I notice it says:

       

      Not Valid Before: Friday, 10 January 2031 at 22:25:51 Greenwich Mean Time

      Not Valid After: Monday, 18 January 2038 at 22:25:51 Greenwich Mean Time

       

      There is a section in that Certificate Details view labelled 'Trust', which I have tried setting to 'Always Trust', but it doesn't make any difference. I just seems like the certificate is sufficiently invalid/corrupt that Chrome is just refusing to do anything with it.

       

       

      • StephenB's avatar
        StephenB
        Guru - Experienced User
        Mar 26, 2021

        Maybe try doing an OS reinstall from the boot menu?

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More