Contact Us
Philippines / English
Search

What should I do if I got a certificate error?

User Application Requirement
Updated 05-02-2025 18:35:03 PM Number of views for this article175812
This Article Applies to: 

Part 1: For EAP and CPE web management interface

When try to visit the web interface via https in Chrome, such as the web interface of EAP/Omada Controller or Pharos CPE Series, it said server’s certificate is not trusted.

A picture indicates the warning about certificate error.

The certificate verifies the server’s identity and secures communication with the user. A warning may appear if the certificate is not trusted (e.g., self-signed, expired, or mismatched), even if the server’s IP address is correct. Since you are accessing the device’s management page, this warning does not indicate a security risk, and you can proceed without concern.

Here are two examples for how to get through the certificate error when it occurred on TP-Link products.

1. Get through Certificate error on Chrome

Click on Advanced - Proceed to 10.0.0.254 (unsafe), the web interface of EAP/Omada Controller will show up.

The screenshot of details of certificate error and guidance to the "Advanced" button

Picture indicates the location of "Proceed to 10.0.0.254(unsafe)"

2. Get through Certificate error on Internet Explorer

While in Internet Explorer, you can just click on Continue to this website (not recommended) to visit the web interface.

The picture shows the location of "Continue to this website (not recommended)" button

Part 2: For EAP/Omada controller

For the EAP devices, its certificate can’t be changed; while for the EAP/Omada controller, you can manually import your own certificate if you have one.

Here are the instructions:

1. Disable the EAP/Omada controller on your computer.

2. Copy your keystore file (such as keystore.jks file) into the “keystore” folder of the EAP/Omada controller’s installation path.

3. Enter the “properties” folder of EAP/Omada controller installation path, edit the “jetty.properties” file.

4. Find the scripts below:

ssl.key.store.password=tplink

ssl.manager.password=tplink

ssl.trust.store.password=tplink

key.store.path=/keystore/eap.keystore

trust.store.path=/keystore/eap.keystore

5. Replace the scripts above with new scripts as below:

ssl.key.store.password= the storepass of your own certificate

ssl.manager.password= the keypass of your own certificate

ssl.trust.store.password= the storepass of your own certificate

key.store.path=/keystore/keystore.jks(your keystore file)

trust.store.path=/keystore/keystore.jks(your keystore file)

6. Launch the EAP controller, then you can use your domain name according to your certificate to visit the controller, such as https://hostname:8043, please note that the IP of hostname should be the IP of the controller PC.

Looking for More

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.

GO Other Option

This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again

Your Privacy Choices

This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again

Basic Cookies

These cookies are necessary for the website to function and cannot be deactivated in your systems.

TP-Link

SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_banner, tp_privacy_base, tp_privacy_marketing, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Zendesk

OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance

Analysis and Marketing Cookies

Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.

The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au