Operational Defect Database
BugZero found this defect 97 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000bzOJSAY
Management server unable to add new devices with RapidDeploy
Last update date:
2/13/2024
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
v12.10.2 Update 1
Description:
Issue
The Management Server does not correctly add new devices with the RapidDeploy feature when you upload a .csv file of devices.
Workaround/Solution
This issue occurs because a certificate used by WatchGuard servers was updated January 4th, 2024 that prevents WatchGuard System Manager (WSM) from communicating with the RapidDeploy Deployment Center. This issue is resolved in WSM v12.10.2 Update 1 released on 4 March 2024 that contains the required certificates. To workaround this issue, you can manually install the required certificate: From a web browser, go to https://www.digicert.com/kb/digicert-root-certificates.htmDownload this PEM certificate: DigiCert Global Root G2 Install this certificate on the Management Server with WatchGuard Server Center. On the computer that has the Management Server software installed, right-click in the system tray and select Open WatchGuard Server Center.Type your Username and Administrator passphrase. Click Login.In the Servers tree, select Management Server.Select the Active Directory tab.Select the Enable Active Directory authentication check box. This is a temporary procedure to install the certificate, and does not require you to have an Active Directory server. If you already use Active Directory authentication, go to Step 7.Click Add and add a domain name. You can use "example.com".Select the Validate the domain controller's SSL certificate check box.Click Import to import a CA certificate. Select the new certificate you downloaded and import the certificate. Click Apply. If you did not use Active Directory authentication, clear the Enable Active Directory authentication check box to disable Active Directory and return to your original configuration. If you did use Activate Directory authentication, but did not validate the domain controller's SSL certificate, clear the corresponding check box to return to your original configuration.Click Apply.
