Same issue here "unbound dns error: ssl handshake cert error: hostname mismatch"
Solution: NTP
If you have done everything and all your DNS CN are correct but still have the issue, make sure your NTP is correct too (maybe temporarily change it to something else if it's already opnsense or... just to make sure it syncs again).
In my case, I am using OPNsense FW as my main router/FW connected to my ISP and another router as my downstream.
I had this issue because my downstream router was using different NTP servers.
Changed my downstream router NTP and now, both my OPNsense FW and the router are using "X.opnsense.pool.ntp.org" (X is any of 0,1,2,3).
Guess what? Bang..... fixed!