Operational Defect Database

BugZero found this defect 2947 days ago.

WatchGuard Technologies | kA10H000000g3FUSAY

Mobile VPN with SSL client does not remember the certificate warning bypass

Last update date:

6/23/2016

Affected products:

Firebox M200

Firebox M300

Firebox M270

Firebox M370

Firebox M470

Firebox M570

Firebox M670

Firebox M290

Firebox M390

Firebox M400

Firebox M500

Firebox M440

Affected releases:

All

Fireware

11.x

11.10.x

11.10.5

11.10.6

11.10.7

11.11.x

11.11

Fixed releases:

All

Description:

Issue

When you use Mobile VPN with SSL to connect to a Firebox with Fireware 11.10.5 or higher that has an untrusted web server certificate, the client always displays a certificate warning. If the user chooses to bypass the security warning, the warning continues to appear for subsequent connections to that Firebox.

Workaround/Solution

To avoid the certificate warning message, your client device must trust the Firebox web server certificate. Your client will trust the certificate if:

The Firebox Web Server Certificate matches the IP address or domain name of the Firebox external interface, and is signed by a trusted certificate authority.

The Firebox Web Server Certificate is self-signed and matches the IP address or domain name of the Firebox external interface, and you import the certificate on your client device's certificate storage.

To learn more about the Firebox Web Server Certificate, see Configure the Web Server Certificate for Firebox Authentication.

To learn how to import a certificate on a client device, see Import a Certificate on a Client Device.
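The two trust conditions above can be checked offline before a certificate is deployed. This added example is not WatchGuard code: it models the client's decision with the OpenSSL command line (1.1.1 or later assumed), and the addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: models the client's trust decision with OpenSSL, not the WatchGuard client.
# 203.0.113.10 and 198.51.100.7 are constructed documentation addresses.
FIREBOX_IP=203.0.113.10
WORK=$(mktemp -d)

# Create a self-signed certificate whose subjectAltName is the external interface IP.
make_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=$FIREBOX_IP" -addext "subjectAltName=IP:$FIREBOX_IP" \
    -keyout "$WORK/key.pem" -out "$WORK/cert.pem" 2>/dev/null
}

# client_trusts <address-the-user-connects-to> [trust-store.pem]
# Succeeds only if the certificate chains to the given store AND matches the address.
# With no store argument, verification runs against an empty trust store.
client_trusts() {
  if [ -n "$2" ]; then
    openssl verify -CAfile "$2" -verify_ip "$1" "$WORK/cert.pem" >/dev/null 2>&1
  else
    openssl verify -no-CAfile -no-CApath -verify_ip "$1" "$WORK/cert.pem" >/dev/null 2>&1
  fi
}

report() {  # report <label> <address> [trust-store.pem]
  label=$1; shift
  if client_trusts "$@"; then echo "$label: trusted, no warning expected"
  else echo "$label: untrusted, warning expected"; fi
}

if make_cert; then
  report "self-signed, not imported" "$FIREBOX_IP"
  report "self-signed, imported" "$FIREBOX_IP" "$WORK/cert.pem"
  report "imported, wrong address" 198.51.100.7 "$WORK/cert.pem"
fi
```

The third case shows that importing the certificate is not enough on its own: the name or address users connect to must also appear in the certificate.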

Status

Resolved