BugZero found this defect 3503 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
10/16/2014
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
All
Fireware
11.x
11.10.x
11.10.1
11.10.2
11.10.3
All
If you configure your WatchGuard Management Server to validate the domain controller’s SSL certificate for Active Directory Authentication, certificate validation fails if the Active Directory server has a certificate with an RSASSA-PSS signature. When this occurs, user authentication fails and you can see a log message like this in the application event logs or Management Server log messages: Error (8203), Authentication failed; (error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm) <wmserver_auth peer='127.0.0.1' /> (permission denied)
In the Management Server section of WatchGuard Server Center, select the Active Directory tab and clear the Validate the domain controller’s SSL certificate checkbox.