Why is the SecuExtender VPN client receiving a 'Self-signed certificate not accepted' error?
Options
Zyxel_Emily
Posts: 1,491 
Zyxel Employee
Zyxel Employee
Question:
When using the SecuExtender VPN client with the USG FLEX series, such as the USG FLEX 200, you may encounter the error: "Self-signed certificate not accepted for CN = nebula...". This issue often occurs if the VPN certificate has expired or needs renewal.
Answer:
- On Nebula, navigate to Configuration > Remote Access VPN.
- Disable and then re-enable the Remote Access VPN feature. This action will renew the certificate.
- Reboot the USG FLEX device manually.
- Download the new VPN configuration script provided by the device after the certificate is renewed.
- Import the updated VPN script into the SecuExtender VPN client.
- Attempt to reconnect to the VPN using SecuExtender.
Tagged:
0
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 229 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 662 USG FLEX H Series
- 359 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 56 Wireless Ideas
- 7.1K Consumer Product
- 305 Service & License
- 497 News and Release
- 95 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 5K FAQ
- 34 Documents
- 89 About Community
- 110 Security Highlight