[c-nsp] 3750 https bad certificate?

Peter Rathlev peter at rathlev.dk
Wed Sep 16 12:44:55 EDT 2009


Hi Jeff,

On Wed, 2009-09-16 at 11:48 -0400, Jeff Fitzwater wrote:
> I have a 3750 running 12.2.44
> 
> I have one or two units that I cannot https into because the  
> certificate cannot be trusted.
> 
> Everything seems to point to the keys on the switch and even after  
> generating new keys it still fails https.
> 
> I can ssh in to CLI, just can't https.
> 
> I have zeroized keys and disabled ip http secure-server and reenabled
> it, but still no luck.

I assume that the certificates you generate on the switch are self
signed, and that would of course give a warning since the browser
doesn't trust the issuer, which is the switch itself.

> I did not reset the switch yet.
> 
> Does anybody have any ideas on this.

You either have to explicitely trust the self signed certificate or get
a certificate from a trusted CA.

Or am I misunderstanding you question?

Regards,
Peter




More information about the cisco-nsp mailing list