IE 7 - Certificate Error

[colinshedden]

When I connect to my N2100 I get an error from Internet Explorer that attempts to stop me from connecting and logging in as the address of the box is not the same as the one for the HTTPS certificate.

Is there anyway to stop this or change the certificate details?

Cheers

Colin

[holmes4]

I assume that not connecting with https is not an option?

There are two issues with the N2100 and SSL. The first is that the certificate is self-issued and browsers will not accept it by default. At least in Firefox, you can tell the browser to go ahead and accept it permanently. In IE7, you have to confirm that you want to visit the site each time - there is a facility for importing certificates, but I don't know how you'd use it in this context.

The second issue is that the hostname in the URL, which is typically an IP address, doesn't match the hostname in the certificate, n2100.thecus.com. I don't know how to tell either browser to ignore that problem on a permanent basis. The only thing I can think of is to add "n2100.thecus.com" to your "hosts" table and use that in the URL.

[getmythe]

the most radical solution to his problem is to install your own certificate authority within both the apache running on the Thecus and also within each web browser (or within the operating system itself!). Next you also have to issue a certificate for the web server itself. To avoid the problem of the web server name not matching the certificate you have to use a wildcard certificate.

Installing everything on the Thecus is the easiest part. Simply copy the three generated files to the relevant directories /opt/apache/conf/ssl.crt and /opt/apache/conf/ssl.key. These changes are permanent (not lost when shutting down).

I've been using such a setup for a while now. The only difference is that I do not need a wildcard certificate as my network router does have built in DNS support (running DD-WRT on a Linksys WRT54GS).