• March 28, 2024, 10:13:32 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 [2]

Author Topic: DSR-250 Certificate Problem  (Read 16184 times)

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DSR-250 Certificate Problem
« Reply #15 on: November 05, 2015, 09:29:04 AM »

Im sure it will be fixed in the next FW update. Plesae be patient.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

dharmakarma

  • Level 1 Member
  • *
  • Posts: 1
Re: DSR-250 Certificate Problem
« Reply #16 on: January 03, 2016, 09:54:14 PM »

DSR-250 Configuring SSLVPN according to Dlink Tech Support website.
 - Open a browser to https://MY_DSR_PUBLIC_IP:8443/portal/ssltest (the name I gave to the layout)
 - log in, navigate to VPN page, launch VPN
 - popup window appears, a msg about keeping the browser window open to preserve session
 - need to confirm popup and running Java app

GETTING THE FOLLOWING ERROR:
--------------------------------------------------
"Application blocked for Security"
 - Certificate has been revoked.
 - The application will not be executed!
 - Name: VPInstaller
 - Location: https://MY_DSR_PUBLIC_IP:8443

Further, clicking 'More Information...' yields:
Code: [Select]
java.security.cert.CertificateRevokedException:
    Certificate has been revoked,
    reason: KEY_COMPROMISE,
    revocation date: Wed Sep 02 20:00:00 EDT 2015,
    authority: CN=VeriSign Class 3 Code Signing 2010 CA,
    OU=Terms of use at https://www.verisign.com/rpa (c)10,
    OU=VeriSign Trust Network,
    O="VeriSign, Inc.",
    C=US, extension OIDs

Searching around I came across a couple of news releases explaining that DLINK had inadvertently released the private-keys and passphrases for the
certificates on several of their devices. This news came out in Sept 2015, curiously corresponding to the date of the above Java exception revocation
date. I won't bother with why a firmware update hasn't been pushed out to every device ever created by DLINK, and/or why this update due to
compromised private keys isn't splashed all over the DLINK support forums and support website. But it would be nice to get this working :)

Question is: How do I install a new certificate? I'm already at the latest FW:

Hardware: A2
Firmware: 2.02B701C_WW

Any help very much appreciated.

 - dharma

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DSR-250 Certificate Problem
« Reply #17 on: January 04, 2016, 10:23:25 AM »

Try adding the routers IP address to Javas Security Exceptions list.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.
Pages: 1 [2]