Configuring the Internet Explorer

When you access eReplication in different browsers using HTTPS, browsers may prompt a security certificate problem. This section explains how to install a security certificate.

Context

This section uses Internet Explorer 11.0 as an example.

Procedure

  1. Import the security certificate.

    1. In the address box of Internet Explorer on the maintenance terminal, enter https://IP:httpsport and press Enter.
    2. If you are prompted with There is a problem with this website's security certificate, select Continue to this website (not recommended).
    3. On the right of the address box, click Certificate Error. In the dialog box that is displayed, click View Certificates.
    4. In the Certificate dialog box, click Install Certificate.
      • Verify that the IP address to which the certificate is issued is the same as the one used to log in to eReplication. If the certificate is not imported to the IP address, There is a problem with this website's security certificate is displayed when you import the certificate and log in to the eReplication again.
      • Verify that the client time is within the certificate validity period.

    5. Read instructions in Certificate Import Wizard, and click Next.
    6. Select Place all certificates in the following store and click Browse.

      If you select Automatically select the certificate store based on the type of certificate, There is a problem with this website's security certificate is displayed on Windows 7.

    7. In the Select Certificate store dialog box, select Trusted Root Certification Authorities and click OK.
    8. In the Certificate Import Wizard dialog box that is displayed, perform operations as prompted. In the Security Warning dialog box, confirm the certificate source and click Yes to complete certificate import.

    To enhance data security of eReplication, you are advised to replace the imported one with your customized security certificate.

  2. Disable the Warn about certificate address mismatch option.

    1. In Internet Explorer, choose Tools > Internet Options.
    2. In the Internet Options dialog box that is displayed, click Advanced.
    3. Deselect Warn about certificate address mismatch and click Apply.

  3. Enable the File downloads option.

    1. Click the Security tab.
    2. In the lower right corner of the page, click Custom level.

      The Security Settings-Internet Zone dialog box is displayed.

    3. In the Setting area, choose Download > File downloads and select Enable.

      Generally, this option is Enable by default.

    4. Click OK.

      The Warning dialog box is displayed.

    5. Click Yes.

      The Internet Options dialog box is displayed.

    6. Click Enable.

  4. Restart the browser to make the configuration take effect.
  5. Disable the browser's support for TLS 1.0 and earlier versions.

    TLS 1.0 and earlier versions have security vulnerabilities, which may result in device information leakage. Therefore, you are advised to disable the browser's support for TLS 1.0 and earlier versions before logging in to eReplication.

    1. Choose Tools > Internet Options from the browser menu (if the menu is not displayed, press the Alt key).
    2. In the Internet Options dialog box, click the Advanced tab.
    3. In the Security check box, deselect Enable TLS 1.0, Enable SSL 3.0 and Enable SSL 2.0, but select Enable TLS 1.1, and Enable TLS 1.2.

      eReplication can be accessed by TLS 1.1, and TLS 1.2, but cannot be accessed by other protocols such as TLS 1.0.

    4. Click OK.

Parent topic: Common Operations
Copyright © Huawei Technologies Co., Ltd.