Messages

Thats whats confusing me.  Plus I dont even know how one would use a local server cert for authenticating to a remote TLS server anyways.  I have no idea what setting(s) could even cause this behavior.

I *did* try messing with the mirrors and, after a handful of attempts, found one which permitted me to fetch the list of updates.  Which I kinda find more confusing because now Im not sure which end the problem is actually at...

The cert that, I assume, was generated when I installed my firewall had expired which is apparently preventing me from updating the system:

Code Select Expand


Fetching changelog information, please wait... Certificate verification failed for /CN=OPNsense.localdomain/C=NL/ST=Zuid-Holland/L=Middelharnis/O=OPNsense self-signed web certificate
34374492160:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1916:
fetch: https://pkg.opnsense.org/FreeBSD:13:amd64/22.1/sets/changelog.txz: Authentication error
Updating OPNsense repository catalogue...
Certificate verification failed for /CN=OPNsense.localdomain/C=NL/ST=Zuid-Holland/L=Middelharnis/O=OPNsense self-signed web certificate
34378686464:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1916:


So I generated a new cert which is generating these errors instead:

Code Select Expand


Fetching changelog information, please wait... SSL certificate subject doesn't match host pkg.opnsense.org
fetch: https://pkg.opnsense.org/FreeBSD:13:amd64/22.1/sets/changelog.txz: Authentication error
Updating OPNsense repository catalogue...
SSL certificate subject doesn't match host mirror.wdc1.us.leaseweb.net


Is there a walkthrough of exactly what is needed to resolve this?  Im not having any luck finding an answer

TIA!