NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
steukers001
Sep 26, 2018Aspirant
ReadyNAS Pro system RNDP6000 , acessing AdminGUI fails from a Windows 10 client.
Hi,
I own a ReadyNAS Pro system RNDP6000 (running RAIDiator V4.2.31), equipped with three WesternDigital NAS disks.
Since begin this year I am unable to use the WebAdmin GUI on the NAS from m...
- Sep 27, 2018
steukers001 wrote:
I guess a similar problem is the certificcating when trying to logon to 192.168.0.14/admin .
The Chrome browser then signals "The protection certificate of the server is not being trusted by the OS of your system"
This is a different problem. The NAS uses self-signed certificates. That's enough to get an encrypted connection, but (by definition) the PC has to trust that the NAS is the device it claims to be. A certificate issued by a certificate authority like verisign can be verified, but the self-signed certicate can't be.
Unfortunately many fake web sites use self-signed certificates, so the browser folks have had to respond by adding these warnings.
The simplest work-around is to click-through them when you are accessing the NAS. But if you ever see these warnings when you are connecting somewhere else (for instance your bank's web pages) then you shouldn't do that. Also, it's best to go directly to those websites in your browser, and not click on links in emails (which may be malicious).
steukers001
Sep 27, 2018Aspirant
Hi StephenB,
You hit the nail with your question, do you have "internet security software".
Inside Kaspersky Ant-Virus there is a facility called Web-Antivirus .The goal of it is to check if the pages you open are safe.
By turning off this facility the WebGui facility resumed fully!
I guess a similar problem is the certificcating when trying to logon to 192.168.0.14/admin .
The Chrome browser then signals "The protection certificate of the server is not being trusted by the OS of your system"
This I did overcome by accepting manually connection overruling to the NAS.
I have not been playing around by the "protection level" of Kaspersky Web-Antivirus (High/Recommended/Low) to see if I can contnue using the facility. By default it was on Recommended and made the NAS WebGui fail for ~60% of the menu entry’s.
Long may live the forum support community and thanks again to StephenB.
Kind Regards, Erik.
StephenB
Sep 27, 2018Guru - Experienced User
steukers001 wrote:
I guess a similar problem is the certificcating when trying to logon to 192.168.0.14/admin .
The Chrome browser then signals "The protection certificate of the server is not being trusted by the OS of your system"
This is a different problem. The NAS uses self-signed certificates. That's enough to get an encrypted connection, but (by definition) the PC has to trust that the NAS is the device it claims to be. A certificate issued by a certificate authority like verisign can be verified, but the self-signed certicate can't be.
Unfortunately many fake web sites use self-signed certificates, so the browser folks have had to respond by adding these warnings.
The simplest work-around is to click-through them when you are accessing the NAS. But if you ever see these warnings when you are connecting somewhere else (for instance your bank's web pages) then you shouldn't do that. Also, it's best to go directly to those websites in your browser, and not click on links in emails (which may be malicious).
- steukers001Sep 27, 2018Aspirant
Hi StephenB,
Thanks again for the techincal explanation behind the certificate providers.
Strange that a firm as big as Netgear does not cooporate with one of the Main Certificate provider authoroties.
That makes both my problems solved.
Kind regards,
Erik.
- schumakuSep 27, 2018Guru - Experienced User
steukers001 wrote:
Strange that a firm as big as Netgear does not cooporate with one of the Main Certificate provider authoroties.
Erik,
Even if they would - do you have a fully featured DNS domain up and running at home? Either with your own domain (for any CA), or with a split horizon configuration for using a DDNS name (for Let's Encrypt CA), pointing an A record to the ReadyNAS LAN IPv4, and/or an AAAA record pointing to it's IPv6 address? Without any of these, you can't get a valid certificate from any CA - "just" an IP address is not enough, oyu can't get a certificage signed just for an IP addess.
And yes, of course - I would expect that Netgear does wake up and add such a basic DNS functionality to the consumer routers ChristineT.
Regards,
-Kurt - StephenBSep 27, 2018Guru - Experienced User
steukers001 wrote:
Strange that a firm as big as Netgear does not cooporate with one of the Main Certificate provider authoroties.
CAs generally are issuing a "Organization Validation" certificate. This tells the world that they've checked you out, and you are who you say you are. That establishes a "chain of trust" - I trust your website because it's been verified by someone I trust. So if a server URL is bigbank.com, then the CA needs some proof that it really is administered by the real bigbank, and not someone else. Netgear can't provide that proof on your behalf, you need to go through the process of proving that you're legit on your own.
There is a lesser certificate type called "Domain Validation", which doesn't check out you, but only makes sure that you (whoever you might really be) have control over your ReadyNAS. The DV cert is what is installed by Let's Encrypt. Netgear could build in support for DVs (and hopefully they will). schumaku sketches out some of the things that need to be done.
Related Content
NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!