The SSL certificate (used for access to the Web Interface via HTTPS and for use of the REST API via HTTPS) has expired. An expired certificate has NO impact on the time synchronization services. However, depending on your browser's security settings, you may be prevented from accessing the Web Interface via HTTPS, or you may receive a warning to this effect and be prompted to add an exception. Calls to the REST API via HTTPS may require the use of explicit parameters to ignore the missing certificate.
A new self-signed certificate can be generated via the Web Interface –> Security
page –> Certificates
–> Certificates
tab –> Generate SSL Certificate
:
Generate SSL Certificate
form:
All fields in the Generate SSL Certificate
form are mandatory. In the Subject Alternative Name
field, you can specify additional hostnames (sites, IP addresses, common names, etc.) to be protected by a single SSL certificate (e.g., a multi-domain certificate). Multiple SANs must be entered as one comma-separated list.
If you do not need to generate a new self-signed certificate because you have an existing certificate (e.g., one that has been signed by a trusted Certificate Authority), the Upload SSL Certificate
button can be used to upload a certificate. This certificate must be in PEM file format and must contain the certificate and the private key:
-----BEGIN RSA PRIVATE KEY----- private key here -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- certificate here -----END CERTIFICATE-----
If the LANTIME is still running an LTOS V6 firmware version, the Certificate Expired Alarm is not automatically deleted after the certificate has been renewed. The device needs to be restarted. This has been improved in LTOS V7. No reboot is required there, the alarm should automatically disappear after renewing the certificate.
If further assistance is required, contact Meinberg Technical Support: https://www.meinbergglobal.com/english/support/tech-support.htm
— Manuel Schäfer manuel.schaefer@meinberg.de, last updated 2023-05-17