SOLVED Problem with Self-signed certificate

Status
Not open for further replies.

cparikh

Cadet
Joined
Dec 14, 2014
Messages
2
I recently upgraded to 9.3 RELEASE version. I wanted to test the CA and self-signed certificate to use in my internal LAN. I created self-signed certificate authority (CA) and using that created the internal certificate. However, when I use that certificate (to access via https), browser gives error "There is a problem with this website’s security certificate" and there is no way to proceed. If I change the certificate to "freenas-pre-certui" which comes with the release, its fine. Any pointers on how to exactly setup CA and self certificates to use with https under 9.3 release? Thanks in advance.
 
D

dlavigne

Guest
This is to be expected with a self-signed certificate Import the certificate into the browser, how to do that depends upon the browser and there should be lots of browser-specific howtos/docs on the Net.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
Self signed doesn't mean trusted. Everything is operating correctly.

You will either need to add the certificate to your browser, or create a certificate through a trusted CA (google free SSL certificate) which would be trusted by your browser.
 

cparikh

Cadet
Joined
Dec 14, 2014
Messages
2
Self signed doesn't mean trusted. Everything is operating correctly.

You will either need to add the certificate to your browser, or create a certificate through a trusted CA (google free SSL certificate) which would be trusted by your browser.
Thank you for your quick reply. I forgot to mention in my original post that I did import the certificate in my browser (IE in this case) but still getting the error. That's why I was wondering what else might be doing wrong. I haven't tried creating certificate through Google free SSL service. Will try that next. But the self signed one should work after importing it in the browser. In this case it didn't.
 

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
You will have to investigate the certificate trust in your browser. The error you are experiencing is due to the fact that even though your session is encrypted, the chain of trust can't be verified. There is more to do than just installing it in IE. Google IE self signed certificate trust. It's a pain. And I must ask, why bother? If you aren't running your own CA and have your intermediate certs installed on all your machines, then this buys you nothing but a headache. On the other hand it can be a great learning opportunity.
 
Status
Not open for further replies.
Top