Installing certificate for 2fa webpage produced by ATP200

ChipConnJohn
ChipConnJohn Posts: 44  Freshman Member
First Anniversary 10 Comments Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula

Hello all,

I tried to install a security certificate on my machine so that I won't get the "Your connection is not Private" message before entering the 2FA code. I went through these instructions:

https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=008669&lang=EN

Which says:

You canconfigure as follows:
Step 1: Createa self-signed certificate in GUI>My Certificates.
Step 2: Set the Host IP Address as the URL you want to log into, such as192.168.1.1.
Step 3: Clickthe edit icon of the self-signed certificate you just created.
Step 4: Click "Export Certificate Only" to export the self-signed certificate, and save it astest.cer.
Step 5: Enterthe password, click the icon "Export Certificate with Private Key" to export itagain, save it as test.p12.
Step 6: InGUI>Trusted Certificates, click the import icon to import the certificatetest.cer.
Step 7: InGUI>System>WWW, choose the "Server Certificate" as "test", and enable thecheck box "Authenticate Client Certificates".
Step 8: In IEBrowser, import the certificate test.p12 into "Personal".
Step 9: Importthe certificate test.cer into "Trusted Root Certification Authorities".

I followed this, although I had a .crt instead of a .cer, and a .pfx instead of .p12.

After this, Outlook started giving me certificate errors that the certificate was valid but the name didn't match. When I did View Certificate, it was 192.168.1.1.

How can I add a certificate to just apply to the webpage of my ATP's 2FA page?

Thanks!

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @ChipConnJohn ,

    It is unable to get rid of the certificate warning because the certificate is not signed by a third party. However, you could ignore certificate errors by launching Chrome with the parameter --ignore-certificate-errors, for example: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --ignore-certificate-errors.

  • ChipConnJohn
    ChipConnJohn Posts: 44  Freshman Member
    First Anniversary 10 Comments Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula

    So there's no way to use a self-signed certificate to avoid the "Your connection is not private" message?

Security Highlight