Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
TLS blocking page
« previous
next »
Print
Pages: [
1
]
Author
Topic: TLS blocking page (Read 667 times)
almodovaris
Full Member
Posts: 156
Karma: 8
TLS blocking page
«
on:
October 28, 2022, 05:22:30 am »
I have enabled TLS blocking page (beta). How do I trust its certificate upon client PCs?
The certificate from /usr/local/opnsense/www/devServer/ says it's for localhost.
Also tried the certificates from /usr/local/sensei/cert/
I have found something about it at
https://stackoverflow.com/questions/59738140/why-is-firefox-not-trusting-my-self-signed-certificate
«
Last Edit: October 28, 2022, 07:35:57 am by almodovaris
»
Logged
Phiolin
Newbie
Posts: 7
Karma: 1
Re: TLS blocking page
«
Reply #1 on:
November 01, 2022, 09:03:58 pm »
You should be able to download the root certificate with practically every modern browser.
That said, it’d be cool if we could configure Zenarmor to use an existing OPNsense CA to generate the certificates instead of using its own internal CA.
Logged
almodovaris
Full Member
Posts: 156
Karma: 8
Re: TLS blocking page
«
Reply #2 on:
November 02, 2022, 06:47:48 am »
Error code: MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY
Logged
sy
Sr. Member
Posts: 336
Karma: 28
Re: TLS blocking page
«
Reply #3 on:
November 03, 2022, 08:59:14 am »
Hi,
It will be changed to use OPNsense's CA for the next release, most probably 1.13.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
TLS blocking page
