[c-nsp] 3750 https bad certificate?
Peter Rathlev
peter at rathlev.dk
Wed Sep 16 12:44:55 EDT 2009
Hi Jeff,
On Wed, 2009-09-16 at 11:48 -0400, Jeff Fitzwater wrote:
> I have a 3750 running 12.2.44
>
> I have one or two units that I cannot https into because the
> certificate cannot be trusted.
>
> Everything seems to point to the keys on the switch and even after
> generating new keys it still fails https.
>
> I can ssh in to CLI, just can't https.
>
> I have zeroized keys and disabled ip http secure-server and reenabled
> it, but still no luck.
I assume that the certificates you generate on the switch are self
signed, and that would of course give a warning since the browser
doesn't trust the issuer, which is the switch itself.
> I did not reset the switch yet.
>
> Does anybody have any ideas on this.
You either have to explicitely trust the self signed certificate or get
a certificate from a trusted CA.
Or am I misunderstanding you question?
Regards,
Peter
More information about the cisco-nsp
mailing list