No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R009C00 Single-Node System Software Installation Guide (SUSE Linux) 09

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Do I Do If the eSight Displays a Security Certificate Error During Login

What Do I Do If the eSight Displays a Security Certificate Error During Login

Symptom

Internet Explorer or Mozilla Firefox displays a message indicating that the security certificate is incorrect when you log in to the eSight.

  • The following figure shows the security certificate error prompted by Internet Explorer.

  • The following figure shows the security certificate error prompted by Firefox.

  • The following figure shows the security certificate error prompted by Chrome.

Possible Causes

The security certificate is incorrect or is not installed, you need to install a valid security certificate.

Procedure

  • Method 1: Deploy the certificated authorized by the Certificate Authority (CA) to eSight.
    1. Contact the eSight server administrator to apply for a certificate from the CA.
    2. Deploy the certificates issued by the CA to the eSight.
    NOTE:

    When you access the eSight using a domain name, you must apply this method (of applying for a certificate corresponding to the domain name and deploying the certificate) to resolve the incorrect security certificate issue prompted by the browser.

  • Method 2: Set the certificate of the eSight to a trust certificate of the browser.
    • Install the security certificate in Internet Explorer.
      1. Copy the eSight installation directory/AppBase/etc/certificate/application/ca/ca.crt to a local directory.
      2. Open the IE explore, login the eSight, click Tools > Internet Options.
      3. In the Internet Options dialog box, select the Certificate on the Content tab page.
      4. In the Select Certificate Store dialog box, select Trusted Root Certification Authorities and click Import.
      5. Click Next.
      6. Click Browse, select the ca.crt.
      7. Click Next.
      8. Select Place all certificates in the following store and click Browse.
      9. In the Select Certificate Store dialog box, select Trusted Root Certification Authorities and click OK.
      10. Click Next.
      11. In the Certificate Import Wizard dialog box, click Finish.
      12. In the Security Warning dialog box, click Yes.
      13. In the Certificate Import Wizard dialog box, click OK.
      14. Close Internet Explorer and open it again to log in to the eSight.

        The security certificate error page is displayed due to the invalid certificate. Click Continue to this website (not recommended). The eSight login page is displayed for you to log in to the eSight.

    • Install the security certificate in Mozilla Firefox.
      1. Copy the eSight installation directory/AppBase/etc/certificate/application/ca/ca.crt to a local directory.
      2. Choose Open menu > Options on the menu bar of Mozilla Firefox.
      3. Click Advanced, and choose Certificates tab.
      4. Click View Certificates.
      5. Choose Authorities tab in the Certificate Manager window.
      6. Click Import, choose the security certificate, and click Open.
      7. Choose Trust this CA to identify websites. in the Downloading Certificate window, and click OK.
      8. Click OK.
      9. Close Mozilla Firefox and open it again to log in to the eSight.
    • Install the security certificate in Chrome.
      1. Copy the eSight installation directory/AppBase/etc/certificate/application/ca/ca.crt file from the eSight server to the local PC.
      2. Choose Settings from the menu bar of the browser.
      3. Click Manage certificates under HTTPS/SSL.
      4. Click the Trusted Root Certification Authorities tab in the Certificates dialog box and click Import.
      5. In the Certificate Import Wizard dialog box, click Next.
      6. Click Browse and select the CA certificate ca.crt of eSight.
      7. Click Next.
      8. Select Place all certificates in the following store and click Browse.
      9. In the Select Certificate Store dialog box, select Trusted Root Certification Authorities and click OK.
      10. Click Next.
      11. In the Certificate Import Wizard dialog box, click Finish.
      12. If your browser version is Chrome 58 or later, perform the following operations:

        Log in to the server as the root user and run the following command:

        if [ ! -d /etc/opt/chrome/policies/managed ];then mkdir -p /etc/opt/chrome/policies/managed; fi

        echo "{ \"EnableCommonNameFallbackForLocalAnchors\": true }" >> /etc/opt/chrome/policies/managed/secure.json

      13. Close the Chrome browser, open the Chrome browser again, and log in to the eSight.

Suggestion and Summary

Method 1 is recommended. Method 2 may do not work in some scenario because browser versions differ.

NOTE:
  • If eSight login via multiple subnetworks has been enabled, the Certificate Error will not be reported when you use the eSight installation IP address to log in to eSight.
  • If eSight is deployed in a remote HA mode, the Certificate Error will not be reported when you use the installation IP address of the active eSight server to log in to eSight.
Download
Updated: 2019-05-17

Document ID: EDOC1100011860

Views: 92202

Downloads: 138

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next