E2Guardian - SSL intercept with EXPIRED CA cert.

[Fabricio Guzzy]

Folks, 

Today all my firewalls got the same problem. 

While using the SSL intercept, E2G is generating a CA with expired date - 05-DEC-2024 13:35:51 GMT

It seems it's something hardcoded to E2G.

Whatever the CA i use to intercept, it's always the same error.

Any idea?

Fabricio.

[Orion Poplawski]

We hit this as well. You need to update generatedcertstart in
e2guardian.conf.

--
Orion Poplawski
he/him/his - surely the least important thing about me
IT Systems Manager 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane or...@nwra.com
Boulder, CO 80301 https://www.nwra.com/

[Roman Marukhin]

Hello Fabricio,

you probably need to fix the below parameters the e2guardian.conf file

```

#Generated cert start time (in unix time) - optional
# defaults to 1417872951 = 6th Dec 2014
# generatedcertstart = 1417872951

#Generated cert end time (in unix time) - optional
# defaults to generatedcertstart + 10 years
#genratedcertend =
# generatedcertstart =

```

With best regards,

Roman M

[Fabricio Guzzy]

Thanks guys! 

That did the trick!

I also changed the source code on my side and recompiled it.

Thanks

Fabricio

[Remco B]

You're a life saver!

[Mr Red]

how to using/configure this, because i dont understand in this configuration

[Mr Red]

[Mr Red]

can anyone give me command for configuration generate ssl certificate? because i need your help

[Mr Red]

i try , but same error in browser

On Friday, 6 December 2024 at 02:08:55 UTC+8 Fabricio Guzzy wrote:

[Mr Red]

#Generated cert start time (in unix time) - optional
# defaults to 1417872951 = 6th Dec 2014

generatedcertstart = 1702070400

#Generated cert end time (in unix time) - optional
# defaults to generatedcertstart + 10 years

generatedcertend = 1702166800
# generatedcertstart =
 is that true configuration? if i mistake please correct this and help me, thanks

On Friday, 6 December 2024 at 03:24:44 UTC+8 Roman Marukhin wrote: