opnsense
Version 21.7.1
Architecture amd64
Flavour OpenSSL
Commit ec466867c
Mirror https://opnsense.aivian.org/FreeBSD:12:amd64/21.7
Repositories OPNsense, SunnyValley, mimugmail
Updated on Wed Aug 4 16:35:02 CST 2021
Checked on N/A
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 21.7.1 (amd64/OpenSSL) at Sat Aug 14 16:17:47 CST 2021
Fetching changelog information, please wait... Certificate verification failed for /CN=OPNsense.localdomain/C=NL/ST=Zuid-Holland/L=Middelharnis/O=OPNsense self-signed web certificate
4764836020224:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:
fetch: transfer timed out
Updating OPNsense repository catalogue...
Certificate verification failed for /CN=OPNsense.localdomain/C=NL/ST=Zuid-Holland/L=Middelharnis/O=OPNsense self-signed web certificate
4016512311296:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:
Certificate verification failed for /CN=OPNsense.localdomain/C=NL/ST=Zuid-Holland/L=Middelharnis/O=OPNsense self-signed web certificate
4016512311296:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:
Hi,
at the time of writing it is 14th August 2021 7:05 CST. The log shows you ran the update on 14th August 2021 16:17 h CST (4:17 pm).
You firewall has the wrong time. This could lead to this error.
KH
Looking at the CN it's pushed over a (local?) HTTPS transparent proxy. That doesn't work for updates...
Cheers,
Franco
I am in China, so change update server to mirror CN.
Unless the great firewall uses OPNsense web proxy to intercept using a self-signed certificate I still think that you hit the same error no matter what mirror you use. A HTTP mirror would probably help though sidestepping the SSL interception issue.
Cheers,
Franco