Redirect to hostname requires both an A record (forward) and a PTR record (reverse) in your
organization's DNS server for the BSC's Fully Qualified Domain Name (FQDN) and the
protected interface IP address. The FQDN entered in your DNS server must match the common
name (FQDN) you used when generating the CSR. Check to make sure you have BOTH of these
records in your organization's DNS server. If redirect to hostname is enabled and not functioning,
it is likely you are missing the PTR record.
To test the PTR, perform an nslookup for the protected interface IP address from the command
prompt of a client. For example, C:\>nslookup 192.168.130.1, assuming 192.168.130.1 is the
protected interface IP address. The FQDN should be returned, assuming the client is using the
same DNS server that is configured on the protected interface of the BSC. If it is not, add the PTR,
test with nslookup to confirm, and then reboot the BSC. The BSC queries the PTR during boot
and redirects users to the name that is returned from then on. The name in the URL bar of the
browser must match the common name (FQDN) you used when generating the CSR, or you will
receive a certificate name mismatch error in the browser.
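The check described above can be scripted so that the A record, the PTR record and the certificate common name are compared in one pass. This is an added example, not Bluesocket code; check_redirect_dns and the FQDN bsc.example.com are hypothetical names, and it assumes the client uses the same DNS server as the BSC's protected interface.

```python
import socket

def _norm(name):
    # DNS names compare case-insensitively; a PTR answer may end with a root dot.
    return name.strip().rstrip(".").lower()

def check_redirect_dns(cert_cn, interface_ip,
                       forward=socket.gethostbyname_ex,
                       reverse=socket.gethostbyaddr):
    """Return a list of problems; an empty list means the A record, the PTR
    record and the certificate common name agree."""
    problems = []
    try:
        addresses = forward(cert_cn)[2]          # A record: FQDN -> IP list
        if interface_ip not in addresses:
            problems.append(f"A record for {cert_cn} returns {addresses}, not {interface_ip}")
    except OSError as exc:                       # gaierror/herror: no answer
        problems.append(f"no A record for {cert_cn}: {exc}")
    try:
        ptr_name = reverse(interface_ip)[0]      # PTR record: IP -> FQDN
        if _norm(ptr_name) != _norm(cert_cn):
            problems.append(f"PTR for {interface_ip} returns {ptr_name}, not {cert_cn}")
    except OSError as exc:
        problems.append(f"no PTR record for {interface_ip}: {exc}")
    return problems

if __name__ == "__main__":
    # Constructed demo: placeholder FQDN, A record present, PTR record missing.
    def stub_forward(name):
        return (name, [], ["192.168.130.1"])

    def stub_reverse(ip):
        raise socket.herror(1, "Unknown host")

    for line in check_redirect_dns("bsc.example.com", "192.168.130.1",
                                   stub_forward, stub_reverse):
        print(line)
    # Drop the two stub arguments to query the client's configured DNS server.
```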
I installed a cert provided by a trusted CA on the BSC but I am still receiving a certificate
error.
I have installed a certificate provided by a trusted Certificate Authority such as VeriSign or
GoDaddy on the BSC. I have verified the certificate is valid. I have verified that redirect to
hostname is functioning and that the name in the URL bar of the browser matches the common
name of the certificate (FQDN). Why am I still receiving a certificate error from the browser
indicating the certificate was not issued by a trusted certificate authority? Occasionally some
browsers will give the error when others do not.
Examples of the browser error include:
IE: "The security certificate presented by this website was not issued by a trusted certificate
authority".
Firefox: "The certificate is not trusted because the issuer certificate is unknown. (Error code:
sec_error_unknown_issuer)".
Safari: "Authentication failed because the server certificate is not trusted."
You may not have installed a required chain/intermediate certificate. Check with your certificate
authority whether a chain/intermediate certificate is required. Go to web logins>ssl>current. Under
chain certificate upload Chain CA Certificate: browse for and upload the chain/intermediate
certificate obtained from the certificate authority.