Messages

Hi ArminF

Thanks for your detailed reply...
I finally figured it out... somehow (fat fingered, not paying attention) I had chosen a client certificate in stead of server certificate which of cause doesn't work with a website!

But now I got a nice green bar in the certificate details under Firefox, just like I would have expected.

Thanks again for taking your time to reply!

And thanks to bartjsmit for the heads up on Letsencrypt!

I can confirm that Chromium acts the same...
I will also try to see which certificate I choose and retry to see if I made a mistake somewhere

Thanks!

Thanks for your reply.

Yes I created a local CA and issued a server certificate from that CA to my OPNsense firewall, opnsense.domain.local, and assigned the new certificate to the web management interface... yes the one that actually have one self signed certificate from the installation process.

I hope that helps...

Looked/followed through this guide
https://docs.opnsense.org/manual/how-tos/self-signed-chain.html#the-certificate

Hi

I tried to create a CA from OPNsense and afterwards a website certificate from that CA.
I assigned it to the web interface of my OPNsense firewall.

But Firefox doesn't like the CA/certificate created stating an error like this

SEC_ERROR_INADEQUATE_CERT_TYPE

I imported the CA into Firefox certificate store without any difference.
If I choose not to trust it for websites within Firefox I can access the web interface again.

Some searching show that, "I confirmed this by generating a new test CA with the the extended usage field excluded, then generating a new SSL Cert The certificate verifies properly now."

Have some of you a workaround or fix?

Thanks