ATP 200 SSL Inspection error

Ceccus

Hello,

on my ATP 200 I activated SSL Inspection.

After updating to MAC OSX 10.15 Catalina I get this error:

NET::ERR_CERT_WEAK_KEY

I use the default certificate.

With the previous version 10.14 it worked fine.

Browser : Chrome and Safari , latest version.

Is the problem due to this? 

https://www.macrumors.com/2019/06/06/apple-deprecates-sha1-macos-catalina-ios-13/

https://support.apple.com/en-us/HT210176

How to solve? Thanks

Regards

Alfonso

Hi @Ceccus

Welcome to the forum.

I suspect you are right.
So I recommend generating new certificates and upload them as the following KB explains:

https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=003075&lang=EN

I hope it helps.

Regards

Ceccus

Thanks for the reply. 

I think the problem is generalized and I also think that Zyxel should remedy by making a new certificate available

Regards

Alfonso

Hi @Ceccus

Obviously Zyxel can recreate a new certificate, but I suppose it requires a device upgrade ... 

Ceccus

Thanks for the reply
Firmware upgrade ... i suppose.

Regards

Zyxel_Emily

Hi @Ceccus,

Thanks for reporting. 

It is confirmed as a bug. 

We are working on fixing it. I will send the firmware to you for verification after the bug is fixed.

Ceccus

Thanks for the reply

Thank you so much

Waiting for the Fix

Regards

Ceccus

Hi Emily,

How long will the Fix be available?

Regards

Zyxel_Emily

Hi @Ceccus,

We modify the format of entries in the certificate to satisfy the requirements of MacOS 10.15 and it is still under verification.

I will update the test results in the near future.

Zyxel_Emily

Hi @Ceccus,

The firmware is sent to you in the private message.

Ceccus

Hi,

problem still open ... firmware slow in SSL Inspection.

Any ideas ?

Thanks