Blowser error: Invalid Server Certificate
Browser displays connection untrusted error
Summary: When accessing the search appliance over HTTPS, the browser shows a warning such as "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). This can happen when accessing any of the following services over HTTPS:
- Admin Console(port 8443)
- Version Manager(port 9942)
- Search results(port 443)
Cause: To establish an HTTPS connection, the browser needs to trust the SSL/TLS cert installed on the search appliance. In the case where the browser displays this error, the search appliance has an SSL cert which is either self-signed or the signing certificate of authority is not trusted by your browser's configuration.
Troubleshooting Steps:
- Log into Admin Console > Administration > SSL Settings.
- The certificate currently installed on GSA is shown in the top "Current SSL Certificate Information" section.
- Check in with your local SSL/TLS admin to understand if the proper certificate is installed.
Fix: Use one of the following options to workaround or fix the issue:
- Ignore the warning, or set an exception on browser to ignore future warning.
- Export the search appliance's self-signed authority (check with browser vendor support or use "openssl" tool to download this) and then install in browser to "trust" the search appliance's SSL cert.
- Only access the search appliance over HTTP.
- Install a valid SSL/TLS cert using Admin Console > Administration > SSL Settings.
Summary: When accessing the search appliance over HTTPS, the browser shows a warning such as "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). This can happen when accessing any of the following services over HTTPS:
- Admin Console(port 8443)
- Version Manager(port 9942)
- Search results(port 443)
Cause: To establish an HTTPS connection, the browser needs to trust the SSL/TLS cert installed on the search appliance. In the case where the browser displays this error, the search appliance has an SSL cert which is either self-signed or the signing certificate of authority is not trusted by your browser's configuration.
Troubleshooting Steps:
- Log into Admin Console > Administration > SSL Settings.
- The certificate currently installed on GSA is shown in the top "Current SSL Certificate Information" section.
- Check in with your local SSL/TLS admin to understand if the proper certificate is installed.
Fix: Use one of the following options to workaround or fix the issue:
- Ignore the warning, or set an exception on browser to ignore future warning.
- Export the search appliance's self-signed authority (check with browser vendor support or use "openssl" tool to download this) and then install in browser to "trust" the search appliance's SSL cert.
- Only access the search appliance over HTTP.
- Install a valid SSL/TLS cert using Admin Console > Administration > SSL Settings.
Make sure that you don't download anything on with the browser, encase you attempted to download and the error message appear below "Click Discard"
