OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of lysemose »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - lysemose

Pages: [1]
1
20.1 Legacy Series / Re: Self-signed CA -> Certificate - Firefox error
« on: February 12, 2020, 09:58:24 am »
Hi ArminF

Thanks for your detailed reply...
I finally figured it out... somehow (fat fingered, not paying attention) I had chosen a client certificate in stead of server certificate which of cause doesn't work with a website!

But now I got a nice green bar in the certificate details under Firefox, just like I would have expected.

Thanks again for taking your time to reply!

And thanks to bartjsmit for the heads up on Letsencrypt!

2
20.1 Legacy Series / Re: Self-signed CA -> Certificate - Firefox error
« on: February 11, 2020, 01:23:59 pm »
I can confirm that Chromium acts the same...
I will also try to see which certificate I choose and retry to see if I made a mistake somewhere

Thanks!

3
20.1 Legacy Series / Re: Self-signed CA -> Certificate - Firefox error
« on: February 11, 2020, 11:39:28 am »
Thanks for your reply.

Yes I created a local CA and issued a server certificate from that CA to my OPNsense firewall, opnsense.domain.local, and assigned the new certificate to the web management interface... yes the one that actually have one self signed certificate from the installation process.

I hope that helps...

Looked/followed through this guide
https://docs.opnsense.org/manual/how-tos/self-signed-chain.html#the-certificate

4
20.1 Legacy Series / Self-signed CA -> Certificate - Firefox error
« on: February 08, 2020, 11:53:12 am »
Hi

I tried to create a CA from OPNsense and afterwards a website certificate from that CA.
I assigned it to the web interface of my OPNsense firewall.

But Firefox doesn't like the CA/certificate created stating an error like this

SEC_ERROR_INADEQUATE_CERT_TYPE

I imported the CA into Firefox certificate store without any difference.
If I choose not to trust it for websites within Firefox I can access the web interface again.

Some searching show that, "I confirmed this by generating a new test CA with the the extended usage field excluded, then generating a new SSL Cert The certificate verifies properly now."

Have some of you a workaround or fix?

Thanks

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2