Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

SOLVED Problem with Self-signed certificate

Joined
Dec 14, 2014
Messages
2
Thanks
0
#1
I recently upgraded to 9.3 RELEASE version. I wanted to test the CA and self-signed certificate to use in my internal LAN. I created self-signed certificate authority (CA) and using that created the internal certificate. However, when I use that certificate (to access via https), browser gives error "There is a problem with this website’s security certificate" and there is no way to proceed. If I change the certificate to "freenas-pre-certui" which comes with the release, its fine. Any pointers on how to exactly setup CA and self certificates to use with https under 9.3 release? Thanks in advance.
 

dlavigne

Storage Engineering
Administrator
Moderator
iXsystems
Joined
May 24, 2011
Messages
11,090
Thanks
935
#2
This is to be expected with a self-signed certificate Import the certificate into the browser, how to do that depends upon the browser and there should be lots of browser-specific howtos/docs on the Net.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,863
Thanks
487
#3
Self signed doesn't mean trusted. Everything is operating correctly.

You will either need to add the certificate to your browser, or create a certificate through a trusted CA (google free SSL certificate) which would be trusted by your browser.
 
Joined
Dec 14, 2014
Messages
2
Thanks
0
#4
Self signed doesn't mean trusted. Everything is operating correctly.

You will either need to add the certificate to your browser, or create a certificate through a trusted CA (google free SSL certificate) which would be trusted by your browser.
Thank you for your quick reply. I forgot to mention in my original post that I did import the certificate in my browser (IE in this case) but still getting the error. That's why I was wondering what else might be doing wrong. I haven't tried creating certificate through Google free SSL service. Will try that next. But the self signed one should work after importing it in the browser. In this case it didn't.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,863
Thanks
487
#5
You will have to investigate the certificate trust in your browser. The error you are experiencing is due to the fact that even though your session is encrypted, the chain of trust can't be verified. There is more to do than just installing it in IE. Google IE self signed certificate trust. It's a pain. And I must ask, why bother? If you aren't running your own CA and have your intermediate certs installed on all your machines, then this buys you nothing but a headache. On the other hand it can be a great learning opportunity.
 
Top