Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device (Read 2786 times)
isaacthekind
Jr. Member
Posts: 60
Karma: 0
Re: How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device
«
Reply #15 on:
November 19, 2023, 05:26:56 pm »
Yes, so this I did try actually. But it gave me a strange behaviour of appending the port number to any URL I tried to access on my phone. I had set default TCP to 8443, and so if I tried to access google.com it would instead try to access google.com:8443.
I also discovered another thing, which is that if I set the name servers explicitly then I get the same certification error network wide, as i get on my phone.
Not sure if either of those things tell you anything. Currently I'm out of ideas for really specific debugging strategies, and I think i may just need more general knowledge, so I'm reading through OPNsense From Beginner to Professional, and hoping that at some point, maybe after reading the sections on certifications, the answer pops out at me. :p
Logged
meyergru
Hero Member
Posts: 1697
Karma: 167
IT Aficionado
Re: How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device
«
Reply #16 on:
November 19, 2023, 06:12:25 pm »
That sounds like a browser redirection to me. Like if you try to access certain websites without SSL, there is a redirect to https://. OpnSense does this redirect too, if you do not disable it under
System: Settings: Administration -> "HTTP Redirect"
While you are at it, you could also change the "Listen Interfaces" to LAN only.
I still think that your OpnSense intercepts web traffic via some strange firewall or NAT rules, regardless if it is HTTP or HTTPS.
Logged
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005
1100 down / 440 up
,
Bufferbloat A+
isaacthekind
Jr. Member
Posts: 60
Karma: 0
Re: How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device
«
Reply #17 on:
November 23, 2023, 03:50:01 am »
Hey there,
Sorry to disappear for a few days, was just busy with school. So I managed to fix it, but in a somewhat unsatisfying way. I moved my whole network to IPV6. I'm not sure why this fixed it, but it did. I figured since you sort of zeroed in on the NAT rules as a potential cause, maybe a switch to IPV6 would allow me to remove all those rules. I moved to IPV6 deleted all the NAT stuff that I used to need for my Nextcloud web GUI on IPV4, and it magically fixed my GrapheneOS trouble. I would love to know what exactly was going on there, but it may just always be a mystery.
Thank you for pointing me in the right direction, really appreciate all the help.
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
How to Fix ERR_CERT_AUTHORITY_INVALID on GrapheneOS Device