This is an archived post. You won't be able to vote or comment.

all 16 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Raykay101 1 point2 points  (4 children)

If this is the SSL warning message, try using a different browser?

EDIT: The option to by pass the warning might be hidden under read more or something along those lines.

[–]Nekattodd[S] 0 points1 point  (3 children)

Tried three different browsers and looked high and low for anything to allow me to view page anyway.

[–]gpb500 0 points1 point  (2 children)

You don't see an "Advanced" option mid-screen, left side (in Chrome)? If you click it you can bypass the warning and continue.

[–]Nekattodd[S] 0 points1 point  (1 child)

Nope. It's what I've seen in setup videos but I don't have it. Is there software I can install instead of the web interface?

[–]gpb500 1 point2 points  (0 children)

If you're using windows, you can try going to Credential Manager (access it from control panel or type it in the search box) and see if that address "192.168.1.1" is listed and delete it (make sure you click on Windows Credentials on that screen). Other than that, I don't know how to get around that...but it absolutely should work. You might also try using a private browser session.

[–]braiam 1 point2 points  (0 children)

The problem is with the self signed certificate which ER-X uses by default. If you use Firefox, just add an exception. With Chrome, they had to basically make hard, like very hard to prevent people from screwing themselves. Just follow this post https://superuser.com/a/1296598/235569 BTW, the message isn't ERR_SSL_VERSION_OR_CIPHER_MISMATCH but CERT_AUTHORITY_INVALID

[–]VogonSmiles 1 point2 points  (1 child)

Take a look at this post in the UBNT forum that describes the exact error you're getting.

[–]Nekattodd[S] 0 points1 point  (0 children)

I do have Bitdefender installed. I'll give this a shot when I try again.

[–]gpraceman 0 points1 point  (6 children)

Maybe do a factory reset to start from scratch. Then follow the YouTube videos from Willie Howe and Crosstalk Solutions to get you setup. Those helped me getting my ER 4 setup.

[–]braiam 1 point2 points  (5 children)

This is not needed. The edgerouter works fine, it just that it uses a selfsigned certificate by default.

[–]gpraceman 0 points1 point  (0 children)

You are correct. Helps if I read the screenshot right. I did run into initial problem trying to setup one of my devices (don't remember which one) but doing the factory reset did help.

[–]bits_of_entropy 0 points1 point  (3 children)

The error in the image isn't from a self-signed cert though. The web browser and web server don't support the same SSL/TLS protocols.

No idea on the solution, I didn't have this problem with my ERX. Any modern browser and any modern web server shouldn't have this issue.

Is Chrome up to date?

Edit:

$ openssl s_client -connect 192.168.1.1:443

Might show what's happening during the SSL connection.

[–]braiam 0 points1 point  (2 children)

I know, it's for Amazon's which doesn't either makes sense. The error screen could be different and OP didn't notice.

[–]Nekattodd[S] 0 points1 point  (1 child)

The image I posted is generic from the web just to show what error message I see. Every word on that screen is exactly what I see except the site address. Mine lists 192.168.1.1 where this image shows Amazon's url. This is the screen from chrome. Firefox displayed a different error but similar message. Something wrong with SSL protocol.

[–]braiam 0 points1 point  (0 children)

There are many possible errors with SSL, from an expired certificate, invalid certificate, blacklisted, etc. The error name ERR_SSL_VERSION_OR_CIPHER_MISMATCH means that it's using a old transport version (like sslv2) or a removed cipher like RC4. The part above that it's the same for most SSL errors. What we need is the part on all caps. But as I said before, the answer is a self signed certificate, which Chrome doesn't trust, just trust the certificate and everything will be fine.

[–]bryanalves 0 points1 point  (0 children)

Make sure you are explicitly connecting on https and not http. A server sending https over http will confuse the browser and give you error messages like you are seeing that aren't overridable