ChrisVanMeer wrote

Hey there!

 

I requested a trusted SSL certificate from a Certificate Authority and went to the controller to upload both the certificate and key (both in PEM files).

No errors whatsoever. However, after rebooting, the certificate has not changed. I first tried and emptied the cache of my browsers.

And then I came to notice that in my case it had nothing to do with any browser cache, since I also tried to retrieve the certificate details through openssl:

 

❯ openssl s_client -connect 192.168.81.1:443 | openssl x509 -noout -subject
Warning: Reading certificate from stdin since no -in or -new option is given
Connecting to 192.168.81.1
Can't use SSL_get_servername
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify return:1
subject=C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link

 

I get the same output when I try the openssl on the public domain name.

Here is a partial screenshot of the certificates that show up in the GUI (before and) after the reboot.

 

There are no log messages that I can find. Using the same SSL cert + key on a dummy Nginx webserver works like a charm.

Am I doing something wrong?

Hi @ChrisVanMeer 

May I know whether you have configured the domain name associated to the controller IP address? Could you share some screenshots you tried to login in your browser? Did you log in with the IP address or use the domain name?

And please go to global view >settings > System settings > Access Config >Controller hostname/IP, please check if you input the domain name of it is IP address. Please also disable the Auto Refresh IP.