|Applies To||RSA Product Set : SecurID|
RSA Product/Service Type : RSA Authentication Manager
RSA Version/Condition: 8.1 Service Pack 1 or later
Platform : SUSE Enterprise Linux
O/S Version : 11 Service Pack 3
Product Description : SecurID Appliance
|Issue||Supported web browsers report messages when accessing either the Security Console or the Operations Console or the Self-Service Console.|
Microsoft Internet Explorer reports "There is a problem with this website's security certificate."
Google Chrome reports "Your connection is not private"
Mozilla Firefox reports "Your connection is not secure"
|Cause||The Trusted Root Certification Authorities store of the Microsoft Windows workstation or server where the web browser is being used to access the Authentication Manager portals (Security Console, Operations Console & Self-Service Console) does not have the root CA certificate generated by the authentication manager instance during deployment.|
Customers can replace the self-signed certificate created during the deployment of RSA Authentication Manager 8.1 software to remove the message presented in the web browser when accessing the Security Console, Operations Console or Self-Service Console. Instructions are provided in a section called Certificate Management for Secure Sockets Layer (starting page 172) found in the RSA Authentication Manager 8.1 Administrator’s Guide (revision 1).
Click Copy to File… button so save the certificate to a file.
Click Next > button
select a format you want to use (leaving the default for this example) and click Next > button
Enter a filename and click the Next > button
Click Finish button
Clicking the Install Certificate… button will enable the trust of the authentication manager root CA certificate in the Trusted Root Certification Authorities store.
rsaadmin@am81p:/opt/rsa/am/server/security> ls -l *.jks
The authentication manager root CA certificate is stored in the caStore.jks file.
NOTE: Viewing the contents or exporting data from caStore.jks will require the Root Certificate Keystore File Password (found by running ./rsautil manage-secrets –a listall from the /opt/rsa/am/utils folder)
|Notes||Manage Trusted Root Certificates - URL https://technet.microsoft.com/en-us/library/cc754841.aspx|
|Legacy Article ID||a38690|