+ Reply to Thread
Results 1 to 6 of 6

Thread: THere's a problem with the security certificate of this website...

  1. #1
    DragonLeaves is offline Fiery Forum Expert Contributor DragonLeaves is on a distinguished path
    Join Date
    Aug 2014
    Posts
    79

    Question THere's a problem with the security certificate of this website...

    How do we fix that?


    Since as long as I can remember whenever you go to the webpage of a Fiery you have this certificate issue. Can this be fixed, short of shelling out for an SSL?

  2. #2
    Join Date
    Apr 2009
    Location
    Minneapolis, MN
    Posts
    226

    Default Just to be clear...

    hi Dragon leaves... want to fix this, but want to make sure I understand the problem. Just to be clear, which website are you referring to? The Fiery Forums website, or one of the config pages of the Fiery? Can you include a screen shot to this thread on the problem you are seeing?. Thanks!

  3. #3
    thistlegorm is offline Fiery Forum Expert Contributor thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status thistlegorm has achieved rock star status
    Join Date
    Jul 2009
    Location
    London UK
    Posts
    797

    Default

    Hi Gary,

    I think he means the embedded webpage on the fiery - I installed 2 x EX180 this week & can see this just by opening 127.0.0.1 in IE.
    Remember you are what you eat ! I'm a twix..

  4. #4
    adam1991 is offline Fiery Forum Expert Contributor adam1991 has proven very helpful adam1991 has proven very helpful adam1991 has proven very helpful adam1991 has proven very helpful adam1991 has proven very helpful
    Join Date
    Feb 2010
    Posts
    1,029

    Default

    I see it when connecting via Remote Desktop.

  5. #5
    Join Date
    Jul 2009
    Location
    Amsterdam
    Posts
    846

    Default Answer to certificate errors when loading Fiery WebTools

    Hello Forum friends,

    Here's the full story, and if you can't be bothered reading it all skip to the solution at the end.

    Why does Fiery WebTools cause the browser to call a certificate error?

    When loading WebTools, a security certificate error may be displayed in the browser.

    This error is displayed because WebTools on FS200 and later servers requires HTTPS (Hyper Text Transfer Protocol Secure) a secure connection over HTTP, in order to encrypt the usernames and passwords passed over the network to the Fiery server.

    HTTPs connections use SSL certificates to verify the web servers identity, and exchange encryption keys.

    When Web browsers are presented with an SSL certificate, they first check to see if the certificate is signed by a Certificate Authority (CA), or on it’s local list of implicitly trusted sites. If not, they warn the user appropriately before connecting.

    The Fiery server is using a self signed root certificate, which is not signed by a CA, resulting in browser warnings such as the example below:

    Safari “Safari can’t verify the identity of the website’

    Chrome: “Your connection is not private.
    Attackers might be trying to steal your information from 127.0.0.1 (for example, passwords, messages, or ****** cards). NET::ERR_CERT_AUTHORITY_INVALID”

    In all cases the user can click to proceed to the website despite the error – which will then allow WebTools home page to load. You can also use the tips below to prevent future errors.


    Why doesn’t the Fiery server ship with a trusted SSL certificate that browsers trust?

    The design of SSL certificates doesn’t allow this. A trusted SSL certificate binds together the Web servers domain name, server name or hostname, plus the organizational identity (i.e. company name) and location.

    When the Fiery server is shipped from the factory, EFI does not know the eventual destination of the server, so these items can’t be included in a certificate.


    How to prevent SSL errors:


    The network administrator may choose to either buy an SSL certificate online for their Fiery server (they can be purchased for either 1, 2 or 3 year duration), binding it’s domain/name and location/company details into the certificate, or add their own self signed certificate to the Fiery server, using the Configure Tool.

    Also some browsers such as Safari allow the user to ‘Always trust’ this certificate when connecting to the Fiery servers IP address.

    Chrome will stop showing errors if you bookmark the website after clicking through the warning the first time.

    Alternatively you could install the certificate, using the procedure in the note attached.
    Stop SSL warnings on Chrome and IE.pdf

    Hope this helps

  6. #6
    DragonLeaves is offline Fiery Forum Expert Contributor DragonLeaves is on a distinguished path
    Join Date
    Aug 2014
    Posts
    79

    Thumbs up Thank you so much!

    Thank you so much for the detailed answer Greta!!!

    You and your peers are why this forum is so useful.

    Cheers

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts