Auto-certificate and Chrome

Started by balubeto, October 14, 2018, 05:54:28 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
October 22, 2018, 08:03:52 PM #30
Quote from: balubeto on October 22, 2018, 07:36:49 PM
Sorry, but I only created a self-certificate.

Why on earth you want to do that, what are you trying to accomplish?
If you go down that rabbit hole, be my guest, but I can't help you doing that  ;)

Greetings, mark
October 23, 2018, 10:41:22 AM #31
Quote from: qinohe on October 22, 2018, 08:03:52 PM
Quote from: balubeto on October 22, 2018, 07:36:49 PM
Sorry, but I only created a self-certificate.

Why on earth you want to do that, what are you trying to accomplish?
If you go down that rabbit hole, be my guest, but I can't help you doing that  ;)

Greetings, mark

I'm simply trying to export a self-certificate so that I can import it in Chrome to access the firewall using the https protocol.

Since you now have the images of my firewall in English, can you tell me how to proceed?

Thanks

Bye
balubeto
October 23, 2018, 06:39:15 PM #32
click the download button "export CA cert" and import it into your trust store (this is specific for your OS)
October 23, 2018, 07:17:41 PM #33
Quote from: fabian on October 23, 2018, 06:39:15 PM
click the download button "export CA cert" and import it into your trust store (this is specific for your OS)

This button is located in the "System: Trust: Authorities" panel. Right?

Thanks

Bye
balubeto
October 23, 2018, 07:37:29 PM #34
yes
October 25, 2018, 03:09:13 PM #35
I'm sorry that I misunderstood you, I thought you were doing the whole thing without a CA, CRT only, I guess that's clear now.

Greetings, mark
October 28, 2018, 05:13:45 PM #36
When I create a certificate in the "System: Trust: Certificates"  tab, can I put the full name (xxxxx.yyyyyy) of the firewall and its URI (https://xxxxx.yyyyyy) respectively in the "Common Name" and "Type URI" fields?

Thanks

Bye
balubeto
October 28, 2018, 05:25:09 PM #37
Yes, though, it only accepts the full URL, like: https://my.domain
October 31, 2018, 11:29:24 AM #38
Using Chrome for Windows 7 SP1, in which type of certificates archive should I insert my intermediate certificate exported from OPNsense?

Thanks

Bye
balubeto
October 31, 2018, 03:17:02 PM #39
See post #4 of this thread.

Greetings, mark
November 02, 2018, 07:56:39 PM #40

After importing my self-certification in chrome and enabling the HTTPS protocol to access the firewall webGUI, every time I access this via web, Chrome displays the " Privacy error" page before accessing the Login page (see attachments).


In addition, I noticed that, in the address bar, the words "Not secure" and "https" are displayed. How come?


How should I resolve these annoyances?


Thanks


Bye
balubeto
November 02, 2018, 08:52:41 PM #41
Since your screenshot looks like Windows 7 - here is some official documentation:
https://docs.microsoft.com/en-us/skype-sdk/sdn/articles/installing-the-trusted-root-certificate
November 03, 2018, 09:14:03 AM #42
Quote from: fabian on November 02, 2018, 08:52:41 PM
Since your screenshot looks like Windows 7 - here is some official documentation:
https://docs.microsoft.com/en-us/skype-sdk/sdn/articles/installing-the-trusted-root-certificate

I have Windows 7 SP1 64bit.

From OPNsense, should I export the root or intermediate certificate?

Should the steps indicated in your document be done for each account or only by the administrator?

Thanks

Bye
balubeto
November 05, 2018, 07:44:11 PM #43
I am awaiting your reply.

Thanks

Bye
balubeto
November 05, 2018, 07:58:00 PM #44
I am an Arch Linux user. It it different here.
In my case it would be:
Store in /etc/ca-certificates/trust-source/anchors and call trust extract-compat.
Print
Go Up Pages 1 2 3
User actions