WatchGuard WebCenter and Certificates
I have a Firebox M390. I am still using WebCenter. When I opened WebCenter today I received a message that my certificate had expired. I went into the CA Manager and attempted to create a new certificate. I put in all the information requested and clicked Generate. It just says creating certificate and spins and never actually creates the certificate. I know this is old technology but I was wondering if anyone could help me with this. Thanks
0
Sign In to comment.
Comments
Normally, deleting an expired cert and then rebooting the firewall will recreate that cert.
Not sure if this works for this cert, but I would expect so.
Renew or Replace an Expired Certificate on a Firebox
https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA10H000000g3XMSAY&lang=en_US
Bruce, I don't know where the Web Center certificate is or how to find it.
I'm running V12.10.1, which doesn't have the the Log or Report Servers.
I only can access the CA manager via the Web Center URL.
The cert shown in my web browser when accessing the CA manager is:
WatchGuard Root Server CA
Mine shows
Validity:
Not Before Fri, 08 Apr 2022 12:49:59 GMT
Not After Thu, 03 Apr 2042 12:49:59 GMT
See the following in the document below:
View Certificates
"To see the Certificate Authority (root) certificate and the Management Server CA certificates:"
Manage Certificates on the Management Server
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_mgr_use_webbased_wsm.html
Presumably, that is the cert which is created by WSC installation - see WSC -> Management Server -> Certificates.
Try updating the Certificate Authority Lifetime to a higher value and see if that does anything helpful.
Can you access the cert info for your access to Web Center???
I can't access the certificate info in the CA Manager. If I go to CA Manager, Manage and search for the certificate by serial number nothing happens. No errors, no messages, nothing. When I search by Common Name I get "Some errors occurred during processing" The only info I can get on the certificate is what Google Chrome tells me when I open Web Center and Chrome says that the web site is not secure because the certificate is not valid. Updating the Certificate Authority Lifetime to a higher value did not help. I can view the certificates under CA Manager, View.
see below
I have finally found where the cert is stored.
In the Run box, enter MMC
Then File - Add/remove snap-in
Then select Certificates -> Add -> My User Account -> Finish
OK button
Then double click Certificates - Current User
Then Action -> Find Certificates
enter "watchguard" in the Contains field
You will see a list of certs including WatchGuard Certificate Authority.
Right click on cert for an option to delete it.
I deleted all of the WatchGuard Certificate Authority certs.
Then I ran WSM -> Connect to Server, which created a new WatchGuard Certificate Authority cert with new dates.
I did that and found all of the WatchGuard certificates but I was afraid to delete anything. On Saturday, just for the heck of it, I rebooted the Firebox and after it came back up I opened the Web Center. It still gave me the certificate error. I closed Web Center and did nothing else with it. Today (Monday) I opened Web Center and had a new certificate. I don't know how it happened, but I can only speculate that rebooting the Firebox gave me a new certificate, it just took some time for Web Center to see it.
I guess we can close this discussion. Thanks for all your help, I really appreciate it.