Web Interface Not Secure

Started by t84a, December 19, 2025, 06:44:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 19, 2025, 06:44:34 PM
At some point, when accessing the web interface, it now shows it as NOT SECURE.  The https is red and crossed out. I don't remember changing anything.  I did a search and it told me to find the certificate SYSTEM -> TRUST -> AUTHORITIES but there are no certificates. There is one under CERTIFICATES.  Any help would be appreciated.  Thanks
Today at 03:49:12 AM #1 Last Edit: Today at 05:08:42 AM by OPNenthu
You didn't say which browser but what you're describing is typical for self-signed certs.  OPNsense creates one (it's the "Web GUI TLS certificate" under System->Trust->Certificates) which is just to provide HTTPS support for internal access.  If that's your use case then you can ignore it and add a browser exception to silence the warning. 

The traffic is still encrypted.  It's only the browser warning you because the cert is not signed by a public CA or any private one that the browser knows about.  Different browsers show this in different ways, but you can check the certificate from within the browser and confirm that it's being used.

Your web interface is secure assuming you have working authentication (at least a decent password) and that you haven't opened the management port(s) on WAN.  That would be a different matter.
Print
Go Up Pages1
User actions