You are using Hybrid IKE. SecuRemote produces the error “Certificate is badly signed”. Which of
the following lists the most likely cause of the problem, and the appropriate remedy?
A.
The distinguished name used in the “fw interalca create” and “fw interalca certify” commands is
too long. In this case, use a shorter name.
B.
Under the Firewall object> VPN> IKE> Support Authentication Methods, Hybrid is unchecked.
Select Hybrid and stop and start the firewall.
C.
The Certificate created by internal CA is corrupt. Recreate the certificate with the -force option.
D.
SecuRemote version is lower then 4.1 SP1. Upgrade SecuRemote.
E.
None of the above.
Explanation:
: This is a well-known problem with SecuRemote, if you are using Hybrid IKE, you need to
upgrade your SecuRemote software at east to 4.1 with SP1, this will make the problem disappear.
The problem is caused by the way previous versions of SecuRemote manage the certificate
validation and multiple definitions of certificate standards that are provided by the Hybrid
Authentication scheme.