- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate-60E Low-Encryption Unable to Access FortiGate WebUI from HTTPS, HTTP only
Hello!
I have FortiGate-60E Low-Encryption
https://kb.fortinet.com/kb/documentLink.do?externalID=FD37333
I have error:
This site can’t provide a secure connection
fortigate.local uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH Hide details Unsupported protocol The client and server don't support a common SSL protocol version or cipher suite. I saw https://forum.fortinet.com/tm.aspx?m=104586 Is FortiGate-60E Low-Encryption support https WebGUI?Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Guys, I'm sure the LENC models need a 40/56bit browser, hence LENC support. You need to test with a 40bit browser. Any thing modern is NOT going todo 40/56 bit encryption.
Ken Felix
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sounds like exercise in frustration - you have to find browser of the Windows XP SP2 era, but then all the HTML5/Javascript of the Fortigate GUI stuff will not work/work partially with it.
So the short answer - no, with LENC you don't have HTTPS for management, just HTTP or SSH .
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yurisk wrote:Thanks a lot)Sounds like exercise in frustration - you have to find browser of the Windows XP SP2 era, but then all the HTML5/Javascript of the Fortigate GUI stuff will not work/work partially with it.
So the short answer - no, with LENC you don't have HTTPS for management, just HTTP or SSH .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your only choices if you want HTTPS is to
1 review firefox or chrome older version available at https://ftp.mozilla.org/pub/firefox/releases/ or google slimjet
2: find an older window or XP version and install it as a vm-image and use it as a management-only and yes that version will probably not work with any modern websites
3:find a older android/ios phone launch it on the network and try it's browsers.
4: or find one of those older Chinese phones that has a browser that supports 56bit.
5: explore a lynx browser
Ken Felix
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
emnoc wrote:5: explore a lynx browser
Ken Felix
This one rocks, hahaha, I even took the time to enter Fortigate via the best browser ever - Lynx, see in attached how the admin login page looks (less than spectacular):
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This issue usually involves a problem with your web browser or your site’s SSL certificate. The browser’s telling you that because it’s trying to tell you there’s a problem with the certificate the website is using for HTTPS, so “this site can't provide a secure connection”. In all cases the end-to-end encryption is still going to work just because HTTPS can’t function without it. There is no definite guide for managing this error.
Two possible options to get rid of this issue
- Use Self Sign certificate
- Remove domain security policy:
Steps for Chrome :
- Go to : chrome://net-internals/#hsts
- Query HSTS/PKP domain for localhost
- Use Delete domain security policies option to delete configuration for localhost
This error is because of the following problems:
- Invalid SSL or SSL is untrusted (self-signed)
- SSL Not installed properly
- Old Technology or SSL/TLS version for encryption
- « Previous
-
- 1
- 2
- Next »