SSL Bad Certificate Format error blocking management interface

Question

I ran into an unusual problem today on a new Win10Pro laptop where my Chromium engine based browser blocked access to my ReadyNAS Duo v1 (latest firmware 4.1.1.6) because of SSL certificate problem, reporting the following error:
&nbsp;
This site can’t provide a secure connection192.168.0.25 doesn't adhere to security standards.ERR_SSL_SERVER_CERT_BAD_FORMAT
&nbsp;
RAIDar finds the NAS with no problem.&nbsp;&nbsp;
My ReadyNAS is on my local private network.&nbsp; Win10 Defender &amp; firewall have been configured to allow this connection.&nbsp;
&nbsp;
How do I resolve this issue in ReadyNAS?

StephenB · Answer

eeeehaw&nbsp;wrote:
How do I resolve this issue in ReadyNAS?

First, the security issue is that the certificate is self-signed - so there is no trusted third party that can authenticate the server.&nbsp; The security risk is that a man-in-the-middle attack could be undetected.&nbsp;&nbsp;It's a big deal if you were (for example) connecting to your bank to access your account.&nbsp; But it's not a significant threat for a NAS on your home network.&nbsp; Also, even though the duo can't be authenticated, the connection is still encrypted.&nbsp;&nbsp;
&nbsp;
There is no simple way to get and install a validated certificate on the Duo.&nbsp;&nbsp;
&nbsp;
The simplest solution is to just click through the security warning - which is certainly possible with Chrome, Edge, and IE.&nbsp; You could alternatively use FireFox and store a security exception for the NAS.
&nbsp;
BTW, you will also find that Chrome won't populate the SMART status when you click on the SMART+ controls on the health page.&nbsp; They will be populated in other browsers.

CplMulder · Answer

The latest Chrome version has disabled click-through for the ERR_SSL_SERVER_CERT_BAD_FORMAT issue...

My work-around was to first access my admin page from Edge or IE (Firefox did not work for me) and after clicking-through the warnings, goto to settings>http and enable "Enable HTTP Admin" (screeshot attached will help to find it) .... after doing this using even Chrome over http works (remove the "s" from the https address)... launching from RAIDar NAS Control also works great

I appreciate this is not as secure but then again neither is a certificate with an untrusted issuing authority.

Screenshot attached of where to change setting....

schumaku · Answer

CplMulder&nbsp;wrote:The latest Chrome version has disabled click-through for the&nbsp;ERR_SSL_SERVER_CERT_BAD_FORMAT issue...Whatever Chrome version that is ... no problems here with Chrome 76, Chrome 77, and Chrome Canary 77.&nbsp;&nbsp;CplMulder&nbsp;wrote:I appreciate this is not as secure but then again neither is a certificate with an untrusted issuing authority.While there is a warning on connecting by https ....===Your connection is not privateAttackers might be trying to steal your information from&nbsp;rnXXXX&nbsp;(for example, passwords, messages or credit cards).&nbsp;Learn moreNET::ERR_CERT_AUTHORITY_INVALID===...which still can be bypassed ... it's not&nbsp;ERR_SSL_SERVER_CERT_BAD_FORMAT - re-create the self-signed cert by entring a new/different name on the https control of your RN.&nbsp;&nbsp;&nbsp;&nbsp;...&nbsp;&nbsp;

CplMulder · Answer

Interesting...&nbsp;I am on the same version of chrome..... however my chrome has no "continue" option (screenshot)...&nbsp;perhaps this is due to some settings within chrome, restrictions imposed by security software or even group policy applied by an employer....&nbsp;My http link is the only option right now for me that works (on a very protected network tho)&nbsp;MulderLondon