This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
GS308T Uses Internally Created SSL Certificates Instead of Certificates That I Upload
I have a GS308T on Boot Version 1.0.0.1 and Software Version 1.0.5.6. After disabling HTTPS Admin Mode, I went to the Maintenance > Update > HTTP Firmware/File Update menu, I have uploaded my certificate authority/intermediate authority PEM file using the "X.509 Public Certificate PEM" File Type. I also uploaded the server certificate/key PEM that I generated for the switch using the "X.509 Certificate Private Key PEM" File Type. I also generated a 512 bit Weak DH PEM file and a 1024 bit Strong DH PEM file and uploaded both file types using the same menu.
After doing all of this, I enable Admin Mode in HTTPS and then try navigating to the switch using HTTPS. I get a warning from my browser about a self-signed certificate. When I view the details of the certificate, it isn't the certificate information that I uploaded, it is from one that appears to have been automatically generated by the switch.
I know it is possible to do this because I did it last year when I first generated the certificates. I thought I followed the same process after renewing the certificates and trying to upload them again. However, even if I use the old certificates, the system always defaults to certs generated by the switch. The only thing that has changed is that I'm on a newer Software Version. Has anyone been able to successfully upload their own certs on a GS308T?
Re: GS308T Uses Internally Created SSL Certificates Instead of Certificates That I Upload
It appears that I have found the issue. The "X.509 Public Certificate PEM" shouldn't be my certificate authority/intermediate authority but rather just the certificate created for the switch. The "X.509 Certificate Private Key" shouldn't be the combined switch certificate and the key but rather just the key.
I had read some other topics on this issue in another forum that appear to have not been the correct instructions. I thought they would be similar because it was a similar product but that was not the case. Once I uploaded the Public Cert and the Private Key as well as the DH files and then enabled HTTPS, everything was working as expected.
Re: GS308T Uses Internally Created SSL Certificates Instead of Certificates That I Upload
It appears that I have found the issue. The "X.509 Public Certificate PEM" shouldn't be my certificate authority/intermediate authority but rather just the certificate created for the switch. The "X.509 Certificate Private Key" shouldn't be the combined switch certificate and the key but rather just the key.
I had read some other topics on this issue in another forum that appear to have not been the correct instructions. I thought they would be similar because it was a similar product but that was not the case. Once I uploaded the Public Cert and the Private Key as well as the DH files and then enabled HTTPS, everything was working as expected.
