NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SSL Bad Certificate Format error blocking management interface
I ran into an unusual problem today on a new Win10Pro laptop where my Chromium engine based browser blocked access to my ReadyNAS Duo v1 (latest firmware 4.1.1.6) because of SSL certificate problem, ...
eeeehaw wrote:
How do I resolve this issue in ReadyNAS?
First, the security issue is that the certificate is self-signed - so there is no trusted third party that can authenticate the server. The security risk is that a man-in-the-middle attack could be undetected. It's a big deal if you were (for example) connecting to your bank to access your account. But it's not a significant threat for a NAS on your home network. Also, even though the duo can't be authenticated, the connection is still encrypted.
There is no simple way to get and install a validated certificate on the Duo.
The simplest solution is to just click through the security warning - which is certainly possible with Chrome, Edge, and IE. You could alternatively use FireFox and store a security exception for the NAS.
BTW, you will also find that Chrome won't populate the SMART status when you click on the SMART+ controls on the health page. They will be populated in other browsers.
The latest Chrome version has disabled click-through for the ERR_SSL_SERVER_CERT_BAD_FORMAT issue...
My work-around was to first access my admin page from Edge or IE (Firefox did not work for me) and after clicking-through the warnings, goto to settings>http and enable "Enable HTTP Admin" (screeshot attached will help to find it) .... after doing this using even Chrome over http works (remove the "s" from the https address)... launching from RAIDar NAS Control also works great
I appreciate this is not as secure but then again neither is a certificate with an untrusted issuing authority.
Screenshot attached of where to change setting....
CplMulder wrote:The latest Chrome version has disabled click-through for the ERR_SSL_SERVER_CERT_BAD_FORMAT issue...
Whatever Chrome version that is ... no problems here with Chrome 76, Chrome 77, and Chrome Canary 77.
CplMulder wrote:
I appreciate this is not as secure but then again neither is a certificate with an untrusted issuing authority.
While there is a warning on connecting by https ....
===
Your connection is not private
Attackers might be trying to steal your information from rnXXXX (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID===...which still can be bypassed ... it's not ERR_SSL_SERVER_CERT_BAD_FORMAT - re-create the self-signed cert by entring a new/different name on the https control of your RN....Interesting...
I am on the same version of chrome..... however my chrome has no "continue" option (screenshot)... perhaps this is due to some settings within chrome, restrictions imposed by security software or even group policy applied by an employer....
My http link is the only option right now for me that works (on a very protected network tho)
Mulder
London
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
