SafeSquid generated certificate expired -Your connection is not private
When using HTTPS inspection SafeSquid checks whether the public key and private key for websites exist on the disk.
If the public keys and private keys for websites do not exist, SafeSquid will create them and store them locally for reuse.
These certificates are valid for a year from the date they are created.
For more details regarding how SafeSquid’s HTTPS inspection works refer to How does HTTPS inspection work with SafeSquid
However, when SafeSquid generated certificate expires, you’ll get an error message in our browser which says “connection to this site is not private”.
Also, you will see the error code “ERR_CERT_DATE_INVALID” (highlighted in below image) which typically appears as a warning in web browsers indicating that there’s a problem with the validity period of the SSL certificate, which could be because – it has expired.
Also, you can validate the same by looking at the certificate chain, you’ll be able to notice that the certificate which SafeSquid has generated expired.
This can lead to insecure connections and the website being blocked if any policies have configured to block’ insecure connections.
To resolve this problem, you are required to delete SafeSquid generated certificates from /var/db/safesquid/ssl/certs/ and the issuer certificate from /usr/local/safesquid/security/ssl/
Run the below command to delete old certificates.
CODE: SELECT ALL
- /etc/init.d/monit stop ; /etc/init.d/safesquid stop ; rm -rf /var/db/safesquid/ssl/* ; rm -rf /usr/local/safesquid/security/ssl/* ; /etc/init.d/monit start
SafeSquid will regenerate all those certificates which were deleted.
Related Articles
SafeSquid Subscription Expired (Your subscript of SafeSquid Secure Web Gateway has expired)
SafeSquid will now exhibit subscription expired promo if Safesquid instance has no active subscription. Subscription expire promo is activated once the SafeSquid distribution license has expired. Also, you can check your subscription validity from ...Generating certificate which is required for HTTPS Inspection
Importance of Certificates/ Why HTTPS-aware applications, like Internet Browsers, use SSL/TLS protocols to prevent communication with malicious web services. The SSL / TLS protocols enable applications to verify the identity of the remote web ...Download SSL Certificate From Interface
Overview This article will show download of SafeSquid SSL certificate from the interface. Prerequisites You must have already generated your certificates from the Self-Service Portal. If not see our document Setting up SSL certificates from Self ...How does HTTPS inspection work with SafeSquid
How does HTTPS inspection work with SafeSquid? 1. When user/client request a secure webpage say https://www.xyz.com (a HTTPS site) from the browser, SafeSquid will get CONNECT request from the client browser. 2. SafeSquid will check configuration ...Importing Your SSL Certificate Into Firefox
Overview You would need to install SafeSquid SSL certificate in Firefox to allow users to seamlessly browse HTTPS sites. This article will help you with Installation of SafeSquid SSL Certificate into Mozilla Firefox browser. Go to Application Menu ...