Set Up & Administer Your Firebox > Certificates > Use Certificates for Authentication > Configure the Web Server Certificate for Firebox Authentication

Configure the Web Server Certificate for Firebox Authentication

When users connect to your Firebox with a web browser, they often see a security warning. This warning occurs because the default certificate is not trusted, or because the certificate does not match the IP address or domain name used for authentication. You can use a third-party or self-signed certificate that matches the IP address or domain name for user authentication. You must import that certificate on each client browser or device to prevent the security warnings.

For more information on how to import and install a third-party Web Server certificate, see Import and Install a Third-Party Web Server Certificate.

To configure the web server certificate for Firebox authentication, from Fireware Web UI:

  1. Select Authentication > Web Server Certificate.

Screen shot of the Authentication Web Server Certificate page

  1. To use the default certificate, select Default certificate signed by Firebox and proceed to the last step in this procedure.
  2. To use a certificate you have previously imported, select Third party certificates.
  3. Select a certificate from the Third party certificates drop-down list and proceed to the last step in this procedure.
    This certificate must be recognized as a Web certificate.
  4. To create a custom certificate signed by your Firebox, select Custom certificate signed by Firebox.
  5. Type the Common Name for your organization. This is usually your domain name.
  6. (Optional) You can also type an Organization Name and an Organization Unit Name to identify the part of your organization that created the certificate.
  7. To create additional subject names, or interface IP addresses for IP addresses on which the certificate is intended for use, in the Domain Names text box, type the domain name and click Add.
    The domain name appears in the Domain Names list.
  8. Repeat Step 8 to add more domain names.
  9. Click Save.

To see the current web server certificate, from Fireware System Manager:

  1. Open Firebox System Manager.
  2. Select View > Certificates. The web server certificate is marked with an asterisk.

To configure the web server certificate for Firebox authentication:

  1. Select Setup > Authentication > Web Server Certificate.

screenshot of Web Server Certificate page

  1. To use the default certificate, select Default certificate signed by Firebox and proceed to the last step in this procedure.
  2. To use a certificate you have previously imported, select Third party certificates.
  3. Select a certificate from the Third party certificates drop-down list and proceed to the last step in this procedure.
    This certificate must be recognized as a Web certificate.
  4. To create a custom certificate signed by your Firebox, select Custom certificate signed by Firebox.
  5. Type the Common Name for your organization. This is usually your domain name.
  6. (Optional) You can also type an Organization Name and an Organization Unit Name to identify the part of your organization that created the certificate.
  7. Click Add Domain Names or Add Interface IP Addresses.

Add Domain Names dialog box

Add Interface IP Addresses dialog box

  1. In the text box at the bottom of the dialog box, type a domain name or IP address of an interface on your Firebox.
  2. Click Add.
  3. Repeat Steps 8–9 to add more domain names.
  4. Click OK.

See Also

About Certificates

Manage Device Certificates (WSM)

About User Authentication

Give Us Feedback     Get Support     All Product Documentation     Technical Search