Hello,
im trying to replace the Standard Admin Gui SSL Certificate. I found this Article here (first part only without Nextcloud Config):
https://forum.opnsense.org/index.php?topic=9053.msg40547#msg40547
Installed the Cert in Browser, set all to Trust but i still get error "Bad Cert"
Any Idea, what could be the problem, do i need to choose some specific value under Alternative Names ?
Thanks!
The documentation has this as a setup guide. That post is may not apply since it from 2018.
Thanks, you mean this docu here https://docs.opnsense.org/manual/how-tos/self-signed-chain.html ,seems basically the same setup, but will try again to be sure SAN = FQDN
Also, if you happen to lock yourself out, login to ssh / console and in the prompt select a previous configuration. Keep selecting a older one, one at a time till you get your gui back up.
Thanks, followed yet exactly the instructions, like in the article, but i still not get a secure connection to the web interface...
By creating the server certificate i tried with:
Common Name = FQDN
Alternative Names: Type: URI
Value: https://FQDN
Common Name = FQDN
Alternative Names: Type DNS
Value: FQDN
Imported Intermediate CA to Firefox Cert Manager Authorities, imported the Int CA also to MAC Keychain all trusted, but im still not able to get the connection secure to the gui.. rebooted FW several times as well
Is there anything else to do, to get just a secure connection to the gui?
Thx
Ohh, tried the whole time with the IP address, i forgot that i have to use the FQDN in the Browser to get the secure connection :)
Thanks for your Help & the Tip regarding the lockout
Actually, that should not matter IF you configure your certificates to use them.
When creating, for SAN (dropdown) change to IP and enter the address.
Thx, so it would work with IP and FQDN or just IP then?
It can work with both. You need to enter the correct SAN information when creating the certificate. I.E. in the drop down menu.
thx, done and working now :)