Telemetry status Failed to load widget - ETPRO Telemetry edition

Started by robert.haugen@gmail.com, Today at 11:09:57 AM

Hi,

Yesterday, "Telemetry status: Failed to load widget" appeared. Using ETPRO Telemetry edition.

Using curl from OPNsense:
OPNsense:~ # curl -v https://opnsense.emergingthreats.net/api/v1/telemetry
* Host opnsense.emergingthreats.net:443 was resolved.
* IPv6: (none)
* IPv4: 72.12.200.25
*   Trying 72.12.200.25:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* closing connection #0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the webpage mentioned above.

Hello, same problem here, but I don't understand how to fix it. Is some "how to" explanation available?

That is because curl does not trust the certificate for opnsense.emergingthreats.net, which is issued by Sectigo.

You can verify this via:

# curl -v https://opnsense.emergingthreats.net
* Host opnsense.emergingthreats.net:443 was resolved.
* IPv6: (none)
* IPv4: 72.12.200.25
*   Trying 72.12.200.25:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* closing connection #0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the webpage mentioned above.

IDK why it is not trusted, though, because the top-level issuer "Sectigo Public Server Authentication Root R46" CA seems to be present.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
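
Added example, not part of the thread: "unable to get local issuer certificate" can appear even when the root CA is in the trust store, for instance when the verifier has no copy of the intermediate that links the server certificate to that root. The script below reproduces that case offline with a constructed root, intermediate and leaf (all names are throwaway test values); the thread does not establish whether this is the cause for opnsense.emergingthreats.net.

```shell
#!/bin/sh
# Added example: every name and key here is a throwaway, constructed test value.

# build_chain DIR: create root -> intermediate -> leaf certificates in DIR.
build_chain() (
    cd "$1" || exit 1
    printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext
    for n in root int leaf; do
        openssl req -newkey rsa:2048 -nodes -keyout "$n.key" -out "$n.csr" \
            -subj "/CN=Demo $n" 2>/dev/null || exit 1
    done
    # Self-signed root: stands in for the root already in the trust store.
    openssl x509 -req -in root.csr -signkey root.key -extfile ca.ext \
        -days 2 -out root.pem 2>/dev/null || exit 1
    # Intermediate CA, issued by the root.
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
        -extfile ca.ext -days 2 -out int.pem 2>/dev/null || exit 1
    # Server (leaf) certificate, issued by the intermediate.
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
        -days 2 -out leaf.pem 2>/dev/null
)

# verify_leaf DIR [INTERMEDIATE]: verify leaf.pem trusting only root.pem.
# INTERMEDIATE, if given, is offered as an untrusted helper certificate,
# the way a server supplies it in the TLS Certificate message.
verify_leaf() {
    if [ -n "$2" ]; then
        openssl verify -CAfile "$1/root.pem" -untrusted "$2" "$1/leaf.pem" 2>&1
    else
        openssl verify -CAfile "$1/root.pem" "$1/leaf.pem" 2>&1
    fi || true   # report the result as text; do not abort the caller
}

work=$(mktemp -d) && build_chain "$work" || exit 1
echo "root trusted, intermediate missing:"
verify_leaf "$work"
echo "root trusted, intermediate supplied:"
verify_leaf "$work" "$work/int.pem"
rm -rf "$work"
```

Against a live host, `openssl s_client -connect HOST:443 -showcerts` lists the certificates the server actually sends, which can be compared with the issuer named in the leaf.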