Category: X.509 certificate usage or issue
The supplied certificate is self-signed.
This warning is issued by fmos pki import-cpl-cert when the supplied control panel certificate is self-signed. Self-signed certificates are inherently untrusted and clients will not be able to connect to servers that use them without additional configuration.
When the Server Control Panel HTTPS service uses a self-signed certificate, clients may present users with security warnings or refuse to communicate with the service. In particular, if the server certificate is trusted but the control panel certificate is self-signed, HTTP Strict Transport Security policy may cause browsers to fail to load the Server Control Panel Web User Interface.
The fmos ecosystem join command communicates with the Server Control Panel service over HTTPS. If the control panel certificate is self-signed, it will present a warning to the user and prompt for manual verification of the certificate fingerprint. Using a certificate signed by a trusted certificate authority will suppress this warning.
The only cause for this warning is to attempt to import a self-signed certificate using fmos pki import-cpl-cert.
Importing a self-signed certificate will always trigger this warning. To suppress the warning, the control panel certificate needs to be replaced with one signed by a trusted certificate authority.