Security gateway portals on port 443 receive incorrect certificate

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk131212
Technical Level
Product	IPSec VPN
Version	All
Date Created	19-Jul-2018
Last Modified	10-Jan-2022

Symptoms

After a UserCheck certificate update, an incorrect certificate is presented to VPN clients on connect/site creation.
Alternatively, internal users may be presented with the VPN certificate on the UserCheck web page when accessing UserCheck via an internal interface (when they expect to see the VPN certificate only on the external interface).
The configured certificate for Identity Awareness is the UserCheck certificate, however sometimes the clients receive a trust error and instead of UserCheck certificate, we can see the VPN certificate.

Cause

When a certificate was updated to a particular portal it was presented not only to users via internal interface for that particular portal, but also to users via external interface for other portals that were configured with the default certificate (and expected to see the default certificate).

This occurred due to incorrect handling by the code.

Solution

Note: To view this solution you need to Sign In .