I searched but did not find a specific answer to this question, or possibly I missed something, so please gently point me in the right direction. After I got a working install, I changed my host.domain name from OPNsense.localdomain to OPNsense.mylan.lan internal domain.now my certificate for the web UI are invalid. Is there an article or a FAQ on how to resolve this please and thank you? I've spent several hours trying to resolve this and I'm now tired and ready to tuck in for the night but I'm hoping by morning someone might have a suggestion I'm sure it's something simple but I can't find it at this hour.
You didn't say what release you're running - I think the UI changed a bit - but in 25.1(.5), go to System -> Trust -> Certificates, click '+' button to create a new one, with method "Create an internal Certificate", set type to "Server Certificate", and fill in the blanks as you wish.
Sorry:
Versions
OPNsense 25.1.5_5-amd64
FreeBSD 14.2-RELEASE-p2
OpenSSL 3.0.16
Will try what you suggested. thank you.
Quote from: dseven on April 19, 2025, 08:34:26 AMYou didn't say what release you're running - I think the UI changed a bit - but in 25.1(.5), go to System -> Trust -> Certificates, click '+' button to create a new one, with method "Create an internal Certificate", set type to "Server Certificate", and fill in the blanks as you wish.
Yes, this function basically as you said was a few slight changes in the UI and I completed the steps and assigned the new certificate however, it still shows as not secure in both chrome and safari on macOS Ventura. I went over the steps multiple times and attempted this more than once, and I still have the same results.
A self-signed cert will always show as insecure unless you have told your browser to trust it explicitly. This would have been the case for the original WebUI cert before you changed hostname.