Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

SSL certificate has expired!

    • Updated:
    • 19 Oct 2017
    • Product/Version:
    • TippingPoint IPS N-series All
    • TippingPoint IPS NX-series All
    • TippingPoint IPS S-series All
    • TippingPoint NGFW All
    • TippingPoint SecBlade All
    • TippingPoint TPS All
    • TippingPoint TX-Series All
    • TippingPoint Virtual TPS All
    • Platform:
Summary

After running a security scan the IPS system log reports the following error: “SSL certificate has expired, probably because date is incorrect on this device“

Details
Public

This error is caused by a security scanner software program attempting to logon to a TippingPoint device utilizing an expired SSL certificate. This is a normal action from the security product that simulates an attacker attempting to gain access, the response from the TippingPoint device is normal.

Best practice when configuring the management port

TippingPoint recommends configuring the management port on the TippingPoint device to use a non-routed IP address from the RFC-1918 Private Address space. This helps to prevent direct attack on the management port from the Internet. Additionally, the management port IP Address filter feature should be used to limit access to the management port. Only addresses defined by the command will be allowed to access the IPS. Host IP filters are essentially Access Control Lists (ACLs) on the management port of the IPS.

When the device is initially configured, the default security policy is "permit any". Once you establish a host IP filter, whether it is a permit or deny, then the default IP filter becomes "deny any". (The old legal idea of the inclusion of one is to the exclusion of all others.) If you are doing this via SSH (not the console), the first thing you must do is a permit rule for the IP address you are on or you will deny your IP access to the management port inadvertently.

Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000091908
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.