TLS blocking page

Started by almodovaris, October 28, 2022, 05:22:30 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 28, 2022, 05:22:30 AM Last Edit: October 28, 2022, 07:35:57 AM by almodovaris
I have enabled TLS blocking page (beta). How do I trust its certificate upon client PCs?

The certificate from /usr/local/opnsense/www/devServer/ says it's for localhost.

Also tried the certificates from /usr/local/sensei/cert/

I have found something about it at https://stackoverflow.com/questions/59738140/why-is-firefox-not-trusting-my-self-signed-certificate
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
November 01, 2022, 09:03:58 PM #1
You should be able to download the root certificate with practically every modern browser.

That said, it'd be cool if we could configure Zenarmor to use an existing OPNsense CA to generate the certificates instead of using its own internal CA.
November 02, 2022, 06:47:48 AM #2
Error code: MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
November 03, 2022, 08:59:14 AM #3
Hi,

It will be changed to use OPNsense's CA for the next release, most probably 1.13.
Print
Go Up Pages1
User actions