Dimension Certificate
I have a Dimension server hosted on the cloud. Every time clients access the server the will encounter the certificate warning Site not secure. Can the firebox or dimension self sign its certificate for it to be exported? And can I import it to the clients firebox and web browser to prevent these warning pages?
- Greg Gilbraith
Best Answer
-
Eugene_ WatchGuard Representative
Hello Greg,
Regarding your questions, yes the firebox and dimension self sign certificate can be exported and then imported onto your client computers. Really though you just need to Export the self signed Root CA from the firebox and Dimension server and import those into the client computer's Certificate Store (under Trusted Root Certificate Authorities) to accomplish this goal.
Alternatively you can also get 3rd party Web Server certificates signed by a 3rd party Certificate Authority and import required certs (Root CA, Intermediate and Web Server) onto your Firebox and Dimension Server.
Quick Note on Dimension and Certs: If you do go the 3rd party certificate and do not generate the Certificate Signing Request (CSR) for the cert on the Dimension server, the only way to import the signed certificate will be by using a PFX file.
Cheers,
-- Eugene Torre | Support Engineer
5
Answers
Hello Greg,
The default Dimension web server certificate is generated by the WatchGuard Agent and the certificate's Subject does not include any verifiable information. Your web client would not be able to validate the chain of trust even if you were to add the signing root certificate to your client's CA store.
To get rid of the certificate warning, generate a CSR from Certificate Management tools and get it signed by a public CA. Import the signed certificate into Dimension.