I did a fresh install of 21.7 and opted to restore my config by hand instead of xml.
I installed and enabled the acme plugin, registered an account, setup a basic http-01 challenge type, and requested my cert.
When I went to apply it to the webgui, i got an error saying the cert is not intended for server use. when I look at the cert, it shows server: No. How do I get this to issue a cert I can use for the web gui? PS - I'm on the staging environment as I think I've hit my quota against prod.
Thanks.
After digging in, its not related to the ACME plugin. I couldn't get external certs to apply either.
I was able to edit the config.xml file and put in the refid of the letsencrypt cert I generated and reloaded webgui. The cert is now in use, but any time I edit the webgui admin settings, I still get the error that the cert is not intended for server use.
Are you able to paste such a certificate here?
To my knowledge the server flag check has been working fine for a long time.
Cheers,
Franco
Franco, Here is one example.
Thanks!
Thanks, same issue on GitHub for activity:
https://github.com/opnsense/core/issues/5128
Cheers,
Franco