Self signed SSL certificates for Web / VPN

stevemitchell · November 29, 2016, 11:03pm

Is it possible to use self signed SSL certificates in Fusion Hub (and Balance One and other products) for both the web and VPN certificates? I’ve seen some random posts that it is/is not and that you have to use real SSL certificates, which seems wasteful for internal systems never used anywhere else.

I’ve tried using self signed certificates on FusionHub and it accepts it, but I assume because the signing certificate is not included in the bundle or can’t be uploaded, it comes back as invalid to the browser.

I’ve validated my CA is signing correctly, and I can do this with OpenVPN, Apache, and a million other things, so I’d love to know how to do it with Pepwave products so I can use my own certs everywhere.

TK_Liew · November 30, 2016, 7:05pm

Just to confirm, are you using self-signed cert or CA signed cert? May I know what is the encryption key length (e.g. 1024bits)?

stevemitchell · November 30, 2016, 7:52pm

It’s a self signed CA and certificate. Key length is 2048.

stevemitchell · December 2, 2016, 10:32am

Any update here? I would definitely prefer to use self signed certificates for all of my Pepwave devices, including their VPN profiles.

TK_Liew · December 4, 2016, 7:46pm

Please allow me to ask more questions to understand more about the reported problem.

May I know what is the domain you signed for the SSL cert?
May I know what is the URL you used to access the Web Admin?

stevemitchell · December 4, 2016, 8:06pm

I’d rather not provide sensitive security information like this in a forum.
Could you let me know whether self signed certificates are even supported?
I’m happy to open a support ticket.

TK_Liew · December 4, 2016, 11:03pm

We do support the certificate signed by Certificate Authority. Please open ticket for us to take closer look.

Thank you.