Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Internal Certificates for multiple SonicWalls

Posted on 2009-06-27
5
Medium Priority
?
915 Views
Last Modified: 2012-05-07
Noob question.

So I have 16 Sonicwalls on my network, all vpns are setup correctly and everything works as is.  I've been tasked with setting up the Content Filter Service (which I got up and running and working well) Next they want different group access levels, also got this setup and working properly (managers aren't filtered much, lowbies are heavily filtered) but the boss wants user authentication turned up so we can track everything.  Got this working with LDAP integration with my AD no problems there.  But the one problem I have is that all the sonicwalls (PRO 1260s and TZ 170s) are all using self signed certs. So whenever ever any one opens a browser they get the "There is a problem with this website's security certificate.  The security certificate presented by this website was not issued by a trusted certificate authority. " error, I know that you can click "Continue to this website (not recommended). " and everything works fine, but my users freaked out. I know that I could purchase a bunch of certs from a trusted CA, but this is all internal.  Can I setup some sort of internal CA so that I can issue certs to the sonicwalls and have them be trusted by my internal network?

I know very little about certs, I've installed 3rd party certs for my mail and web server, but that's pretty straight forward, I have no idea where to begin looking for a solution to this one.

Any help appreciated.

Cheers,

Brian
0
Comment
Question by:mobious74
  • 2
  • 2
5 Comments
 
LVL 23

Expert Comment

by:ComputerTechie
ID: 24729601
Have you tried Tools, Internet Options, Advanced?
In the Security section there is an option "Warn about certificate address mismatch"

CT
0
 

Author Comment

by:mobious74
ID: 24729679
That's one option, but that would require touching each PC. As half of my boxes aren't on the domain (lab boxes) and they're in different cities, I'm hoping for a solution that wouldn't require going to each box.
0
 
LVL 2

Assisted Solution

by:zoltan9992000
zoltan9992000 earned 800 total points
ID: 24729680
Have you tried adding the certificate to your certificate store - add to the Trused Root Certificate Store.

This should stop the message appearing - providing the details on the cert match the details of the server.
0
 
LVL 23

Accepted Solution

by:
ComputerTechie earned 1200 total points
ID: 24730279
you can make the changue using gpo if i remember correctly.

CT
0
 

Author Closing Comment

by:mobious74
ID: 31597605
Sorry this took so long, I setup a Microsoft CA server and pushed it to the Trusted Root using GPO and on the machines that are not on the domain I manually added them to the Trusted Root...thanx all.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hyper-convergence systems have taken the IT world by storm and have quickly started to change our point of view of how the data center should and could be architected. In this article, I’ll explain the benefits of employing a hyper-converged system …
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question