Michel Kohanim Posted June 14, 2013 Share Posted June 14, 2013 mitch236, The URL you use to access ISY MUST be the same as the name in the certificate. What's the URL? With kind regards, Michel Link to comment
mitch236 Posted June 14, 2013 Author Share Posted June 14, 2013 It's identical. I didn't want to publish it (although I don't really know why not), but I merely selected the Admin Console from the first screen shot. The only change in URL is this: https://XXXXXXX.com/WEB/INDEX.HTM becomes: https://XXXXXXX.com/admin Link to comment
Michel Kohanim Posted June 15, 2013 Share Posted June 15, 2013 Hi mitch236, The warning for admin is 100% normal and part of Java. If you don't want that, please use: http://isy.universal-devices.com/99i/admin.jnlp With kind regards, Michel Link to comment
paauto Posted June 26, 2013 Share Posted June 26, 2013 I too am trying to figure out the self signed cert process. It seems that even after creating a self signed cert and adding it to my remote computer's Trust Cert folder I continue to get the warning message. I am directing my remote computer's browser to the old (99i) address. Do I need to direct it to a different suffix? Presetnly I am using https://mydnsalias:secure port number. Is this the problem? Is the old admin counsel obsolete and replaced with the new one? The old one seems to work fine. Link to comment
Michel Kohanim Posted June 27, 2013 Share Posted June 27, 2013 Hi paauto, The domain name (or IP address) for ISY must be identical to the common name that you have used for the certificate. If not, then regardless of what you do with the trust center in your computer, you will get that warning. With kind regards, Michel Link to comment
paauto Posted June 27, 2013 Share Posted June 27, 2013 Where do I find the "common name" for the certificate? I self created a certificate with an issuer and host name of 192.168.1.104 (i.e. the IP address of the 994 on my network). The https port I use (with port fowarding) is 6700. The URL I use to remotely access is: https://XXX.dnsalias.org:6700/web/index.htm (where XXX is my alias name, redacted for this forum). I think what you are instructing is the URL has to match something in the certificate. If so, what in the certificate? Thank you. Link to comment
Michel Kohanim Posted June 28, 2013 Share Posted June 28, 2013 Hi paauto, The hostname = common name and in your case: XXX.dnsalias.org With kind regards, Michel Link to comment
paauto Posted June 28, 2013 Share Posted June 28, 2013 Thanks Michael. Apologies for being a bit dense, but should I then insert XXX.dnsalias.org as the Host Name when I create the certificate? Also, does it matter what I input as Org., Org. Unit, Locality, State and Country or should I use the values in the example on page 8 of the guide? I did use Key Strength 2048. Thank you. Link to comment
Michel Kohanim Posted June 28, 2013 Share Posted June 28, 2013 Hi paauto, No, it should be your actual dynamic dns domain. The state/locality/email/etc. do not really cause certificate errors. With kind regards, Michel Link to comment
sk8er02 Posted June 30, 2013 Share Posted June 30, 2013 Hi mitch236, This is a zip file. If you don't mind, you can send me your zip file and I can take a look ... please note that this is not secure since I will have access to your certificate. My email is support@universal-devices.com . With kind regards, Michel What ended up being the solution to this? I've requested a certificate from GoDaddy but after I install it, I'm not able to access the ISY 99i Pro through the secure URL. And the external domain listed under about is just my IP address. The certificate I'm installing looks somewhat like this, it's from a file from GoDaddy called gd_bundle.crt -----BEGIN CERTIFICATE----- (a bunch of characters) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (a bunch of characters) -----END CERTIFICATE----- Link to comment
Michel Kohanim Posted July 1, 2013 Share Posted July 1, 2013 Hi sk8er02, GoDaddy allows two different certificate issuers. One is GoDaddy and the other is Starfield. Please choose Starfield instead of GoDaddy as the issuer and retry. With kind regards, Michel Link to comment
sk8er02 Posted July 1, 2013 Share Posted July 1, 2013 Hi sk8er02, GoDaddy allows two different certificate issuers. One is GoDaddy and the other is Starfield. Please choose Starfield instead of GoDaddy as the issuer and retry. With kind regards, Michel Thanks! I'll give it a try tonight. Am I using the right option? I'm choosing "other" and using the "bundle" file that it gives. I'm getting the same options as Mitch in his screen shot earlier in this thread. Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.