Description
SSL certificates are not installed properly when using the Administration UI. When applying certificates under System > Settings > Security > Certificate Management, there are no errors generated (as if certificates installed correctly). However, old certificate information is displayed when browsing to Captive Portal.
Scope
Version: 8.5.0, 8.5.1 and 8.5.2
Solution
Workaround: Contact Support for assistance.
Solution: To be addressed in a future release.
Additional symptoms:
- Under /bsc/siteConfiguration/apache_ssl n the Application server, certificate files show "root" as the owner, and the dates are not updated to reflect the time of certificate installation.
Example (installed new certificate in August):
root@acorn1:/bsc/siteConfiguration/apache_ssl
> ll
total 32
4 -rw-r--r-- 1 root root 887 Apr 24 16:43 server.csr
4 -rw-r--r-- 1 root root 1675 Apr 24 16:43 selfsigned.key.orig
4 -rw-r--r-- 1 root root 1675 Jun 4 11:38 selfsigned.key
4 -rw-r--r-- 1 root root 1346 Jun 4 11:38 selfsigned.crt
4 -rw-r--r-- 1 root root 1675 Jun 4 12:02 server.key
4 -rw-r--r-- 1 root root 1891 Jun 4 12:02 server.crt
8 -rw-r--r-- 1 root root 4795 Jun 4 12:02 server.ca-bundle
- /bsc/logs/output.nessus log in Application Server printsthe following message:
java.io.FileNotFoundException: /bsc/siteConfiguration/apache_ssl/server.key (permission denied)
Workaround:
1. Change owner to nac:root. In Application Server CLI, type
cd /bsc/siteConfiguration/apache_ssl
chown nac:root ./*
2. Re-install the certificate files again from the Administration UI