Juniper Error Fb 18
The > "X509v3 Subject Alternative Name:" is empty on my testing certificate. > > I'm using Mozilla Firefox 36.0.1 on "Linux Mint 17.1 MATE 64-bit". Comment 31 David Keeler [:keeler] (use needinfo?) 2015-03-31 16:11:29 PDT Looks like that certificate has the same problem as in bug 1148766: X509v3 Subject Alternative Name: othername:
Comment 15 David Keeler [:keeler] (use needinfo?) 2015-03-13 10:40:11 PDT (In reply to Will from comment #13) > I get the point of trying to protect users from malicious attacks, but Thank you for the clarification. and "add exception" worked fine... ... This is the "unknown issuer" case, and it is overridable. https://kb.juniper.net/InfoCenter/index?page=answers&type=narrow&fac=By+Product.Security+Products.SSL+VPN.SA+6000&question_box=packet&searchid=1304448775111&step=
Iked_pm_id_validate Id Not Matched
I need to figure out what is wrong with them. Generated Wed, 30 Nov 2016 20:37:11 GMT by s_wx1189 (squid/3.5.20) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.9/ Connection By chillipepper on Jan 23, 2015 3:50pm 0 replies Jan 23, 2015 12:19pm Juniper Mag 2600 - Dynamic Bookmarks By dolejh on Jan 23, 2015 12:19pm 2 replies Jan 23, 2015 Logged spacyfreak Hero Member Posts: 515 Karma: +0/-0 Re: Error FB-2 « Reply #2 on: October 05, 2007, 08:47:13 am » in my case, the domain is a cluster of 7
Comment 2 Will 2015-02-04 09:36:13 PST This is with an internal site with a self-signed cert. Comment 41 Drake 2015-04-16 14:34:56 PDT Created attachment 8593610 [details] failing-cert.p7c Attached is a failing certificate in PKCS#7 format. Home Help Login Register JuniperForum.com » Security » Remote Access SSL VPN/UAC/MAG, Pulse, and SBR (Moderators: muppet, screenie.) » Topic: Error FB-2 « previous next » Print Pages:  Author Topic: There isn't any UI in Firefox itself to make this happen (see bug 585352), but it is possible to use certutil directly on a profile's certificate database to mark an intermediate
Comment 23 Will 2015-03-16 14:29:29 PDT I'm wondering if this behavior is the same, since this is also referring to NSS: https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.0/html/Admin_Guide/Managing_the_Certificate_Database.html#About_CA_Certificate_Chains "If the certificates contain the SSL-CA bit in the General-ikeid Here are 2 sample URLs that illustrate the issue: https://184.108.40.206:8080/ (WatchGuard - always works) https://220.127.116.11/ (Juniper - always fails) Comment 42 David Keeler [:keeler] (use needinfo?) 2015-04-16 14:48:43 PDT Drake, thanks On closer inspection, it appears to be a problem with only certain IP addresses: BAD: https://18.104.22.168/ (private Juniper firewall) - no popup when clicking Add Exception GOOD: https://22.214.171.124/ (www.google.com's current IP https://forums.pulsesecure.net/topic/pulse-connect-secure?page=6 M.
If you have other devices that use 1024-bit RSA keys for default self-signed certificates, you will have to do the same procedure for those devices as well.