Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
« previous
next »
Print
Pages: [
1
]
Author
Topic: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge (Read 4260 times)
cnaslund
Newbie
Posts: 10
Karma: 0
OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
on:
January 24, 2018, 01:49:51 am »
Logging into Opnsense 17.1.12 URL using either an IP or a server name like opnsense.localdomain with Chrome 63 gives a warning that the OPNSense CA is not trusted. I added the CA certificate into Trusted Root Certificates and the Browser (as well as Windows 10 Edge) refuses to trust the certificate.
I also created a self-signed certificate using the OpenSSL v3.ext in creation to use the new SubjectAltName with the server domain as as alternate IP.1 IPV4 address and added it to the Trust section of Opnsense. I then added this self-signed certificate (along with my rootkeyCA.pem key) to my browsers. Both browsers still complain about OpenSense's CA certificate as being invalid.
Please advise on how I can fix this CA certificate.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
Reply #1 on:
January 24, 2018, 07:32:54 am »
Hi there,
If you a are worried about trust why not buy a certificate or roll out Let's Encrypt via the os-acme-client plugin?
Cheers,
Franco
Logged
cnaslund
Newbie
Posts: 10
Karma: 0
Re: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
Reply #2 on:
January 29, 2018, 11:48:33 pm »
The issue is that my browser of choice complains about the invalid CA certificate that is provided with OPNSense installation. I just want the OPNSense Website to be trusted by my browser(s). Please advice.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
Reply #3 on:
January 30, 2018, 12:14:45 am »
Sure, please buy a certificate or use Let's Encrypt (also usable via os-acme-client plugin).
Cheers,
Franco
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
Reply #4 on:
January 30, 2018, 06:36:13 am »
This is expected behavior, also with commercial vendors like Sophos or Cisco ASA. You'll get a self signed certificated created by the wizard.
If you want it to stop do this with Lets Encrypt, or create a CA with OPNsense and import it to your system or just buy one (GlobeSSL should be one of the cheapest)
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
cnaslund
Newbie
Posts: 10
Karma: 0
Re: OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge
«
Reply #5 on:
February 01, 2018, 06:24:08 am »
I followed your advise and tried Let's Encrypt.
Using the plug-crashes OPNsense 17.7.12-amd64. I installed the plug-in and am trying to figure out how to use it. The short tutorial is not very clear to me and does not match the configuration settings in the current version. It would be appreciated if you would assist me. I'm new to this.
Attached are the log files and the error contents when the OPNSense Server warns of a serious error.
Please advise.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
OPNsense 17.7.12-amd64 Web GUI HTTPS Not Trusted by Chrome63 or Edge