Why is a web browser reporting "insecure connection" when accessing a gateway the first time?
Why is a web browser reporting "insecure connection" when accessing a gateway the first time?
Edge gateways support SSL/TSL secured web connections over https:// accesses only.
By definition a secure connection ensures reasonable protection only if a certificate identifies the server as trustworthy. Only then further ongoing transactions of the initiating browser and a server can be assumed as being protected against eavesdroppers and data theft.
For that reason a browser requests a certificate from the server (gateway) first of all for verification. This certificate contains the issuing authority verified the server's trust. A list of known authorities comes pre-installed in any browser. Once a server's certificate is returned the browser compares the certificate's authority with the known ones in the list. If it is not part the browser reports a certificate error and urges the user to confirm to continue operation since it has to assume the connection is insecure.
By default edge gateways contain a certificate issued by Hilscher which is not a member of known authorities. That's why a browser will report the connection to be insecure and asks for confirmation. Once confirmed future connections will be established without questioning again.
Hint: The cerfiicate can be replaced by a customer certificate at any time in the gateway's control panel.