SA-4500-FIPS or SA-6500-FIPS initial configuration - self-signed certificate generation seems to loop and never completes
SA-4500-FIPS or SA-6500-FIPS initial configuration - self-signed certificate generation seems to loop and never completes
| Knowledge Base ID: | KB13979 |
| Version: | 2.0 |
| Published: | 02 Nov 2009 |
| Updated: | 02 Nov 2009 |
| Categories: |
 SSL VPN SSL_VPN_(IVE_OS) |
Problem:
During initial configuration of SA-4500-FIPS or SA-6500-FIPS appliance running IVE OS version 6.4R1, after putting in all the credentials for Security Officer, restore password for keystore, and Web server user credentials, self-signed certificate generation completes but then loops back to asking for the Web server user credentials. The process of asking for Webserver user credentials repeats and never finishes the initial configs as it loops continuously. Rebooting several times does not fix issue. There are no distinguishable errors from serial console indicating cause of why it asks again for user credential.
Following is the serial console output:
Solution:Following is the serial console output:
Root cause of issue:
Workaround:
This behavior is observed in the current shipping factory reset image of IVE OS 6.4R1. Juniper has resolved this issue in the following versions:
6.4R2 (Build 14343)
6.4R3 (Build 14619)
6.5R1 (Build 14599)
Purpose:An invalid password is used; password contains invalid characters.
Workaround:
Use alphanumeric characters for passwords and try again.
This behavior is observed in the current shipping factory reset image of IVE OS 6.4R1. Juniper has resolved this issue in the following versions:
6.4R2 (Build 14343)
6.4R3 (Build 14619)
6.5R1 (Build 14599)
Installation
