Views:

Problem Description

Users may encounter a certificate password prompt when logging into the TippingPoint SMS client, especially when:


  • Private keys have been imported into the SMS certificate repository

  • SSL inspection functionality is configured

  • Certificate management operations are required including export and distribution of private keys.

Understanding Certificate Password Impact

The TippingPoint SMS certificate password is a critical security feature that:


  • Protects private keys in the SMS certificate repository with encryption

  • Uses a randomly generated 2048-bit RSA key pair for encryption

  • Encrypts private keys using a 256-bit AES cipher based on the certificate password

  • Is required when exporting private keys from the SMS certificate repository or distributing new private keys to devices

Notes

  • Not providing the password will NOT break the system

  • The certificate password is specifically needed for distributing new keys to devices with SSL inspection profiles.

  •  

Resolution Steps

Check Certificate Usage

Before making changes, verify where certificates are being used:

  1. Navigate to Profiles > SSL Inspection to check SSL configuration
  2. Review the CA inventory screen for existing certificates
  3. Check for web server certificates in the certificate management section

Resetting Certificate Password

If you need to reset the certificate:

Warning: Resetting will break the certificate chain and require importing a new certificate

  1. Access the certificate management interface
  2. Remove the certificates with broken private keys
  3. Import required certificates with their private keys

 

References

Keywords: SSL Inspection Configuration, High Availability Setup, Certificate Management, Private Key Import Procedures, ssl, sms certificate password