@gpz1100 said in Pfsense+, tokens vs nic changes, broken registration: Is the NDI tied to the physical nic mac or virtual (spoofed)? To get the wan operational its mac has to be spoofed. The MAC as it is presented to the core OS. Internal spoofing in pfSense is not taken into account.

@rcoleman-netgate said in CE to Plus - Unable to check for updates: @bingo600 said in CE to Plus - Unable to check for updates: @stephenw10 Since my first install crashed w. a bad hdd , could i have exhausted the Netgate Cert Server ?? - I just failed once Open a ticket with your NDI and we'll bounce that cert for you (if that is the issue). I have just been able to upgrade now. So my money is on exhausting the SSL Cert server. Why is there such a low limit on the cert server ?? Worth noting the problems you have with your QOTOM matches my own experiences in 2016 with them. I scrapped them all as soon as I could manage it. Well to be fair i think the Qotom is "innocent" , it has been running flawlessly since 2017. But I have had ntopng permanently active, and my guess is that it has worn out the SSD disk. I should not have used a "consumer" ssd with that amount of logging. I have stopped running ntopng permanently active. And have changed to a server grade SSD. Thank you for the answer Ryan, and offer to contact TAC. But this experience worries me a bit, wrt. switching my work boxes to Plus. At least until i can buy a "whitebox" subscription, and get access to the Plus image via TAC. My next prod boxes will likely be Netgate, but bean counters ...... /Bingo

I was reinstalling 2.6 (ZFS) on the APU6B4 and then I was upgrading to 23.01 and all went fine for me, after installing all needed patches and packets I am now better sorted then ever before! But the APU4D4 I was deciding to give TNSR 23.02 a chance. With pfSense 2.7 DEVEL installed on it, I was never getting hot in touch, problems over problems only after the first upgrade of the entire system!

I updated without any problem to 23.01 it took around 8 minutes and everything worked well.

@stephenw10 said in packagesite.txz: Authentication error: It's in the system infomation widget on the dashboard or above the menu at the console. Or shown by running gnid at the CLI. ok. i have sent it to you with forum chat.

Ok so here is what happened. After I removed the https protocol the repository updated. However, when I tried to install the package, pfsense automatically updated the pfsense.config file. So this issue is still there.

jimp, I used the USB Image Writer that came stock with my Linux distro. I created another boot usb drive on an old 2.0 usb drive and the pfSense install had not trouble completing. On to configuring!!! Thanks for your help!

This is what fixed it for me. https://redmine.pfsense.org/issues/14137

@chrisnz like @SteveITS indicated a clean install of the Feb 15th snapshot then upgrading to 23.01 will fix the PHP issue. Original comment here: PHP Issue Also read here: Here

@rcoleman-netgate Thank you. The certificate seemed very strange but the problem is now solved.

@mikedpitt Would be nice if you left the thread with more information like which version actually worked for you.

@steveits said in Netgate SG-3100 failed firmware upgrade.: They usually send the firmware link pretty quickly. I can personally confirm this. I haven't used Netgate customer support very much, but at least for me, they've set the "CS" bar pretty high.

Due to what looks like too many 2.7 Dev packages being past 23.01 I ended up having to do an install without packages Create full backup without packages Create a full backup with packages loaded pfSense-CE-memstick-2.7.0-DEVELOPMENT-amd64-20230214-0600 restored full backup without packages from usb on first boot. logged in to ui Switched to pfsence plus upgrade channel from ssh pfSense-upgrade -u >>> Updating repositories metadata... Updating pfSense-core repository catalogue... Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/meta.txz: Authentication error repository pfSense-core has no meta file, using default settings Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/packagesite.pkg: Authentication error Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/packagesite.txz: Authentication error Unable to update repository pfSense-core Updating pfSense repository catalogue... Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//meta.txz: Authentication error repository pfSense has no meta file, using default settings Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//packagesite.pkg: Authentication error Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//packagesite.txz: Authentication error Unable to update repository pfSense Error updating repositories! pkg-static clean -ay ; pkg-static install -fy pkg pfSense-repo pfSense-upgrade pkg-static: Repository pfSense-core missing. 'pkg update' required pkg-static: No package database installed. Nothing to do! Updating pfSense-core repository catalogue... Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/meta.txz: Authentication error repository pfSense-core has no meta file, using default settings Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/packagesite.pkg: Authentication error Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/packagesite.txz: Authentication error Unable to update repository pfSense-core Updating pfSense repository catalogue... Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//meta.txz: Authentication error repository pfSense has no meta file, using default settings Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//packagesite.pkg: Authentication error Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert Could not load client certificate /etc/ssl/pfSense-repo-custom.cert pkg-static: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_01_amd64-pfSense_plus_v23_01//packagesite.txz: Authentication error Unable to update repository pfSense Error updating repositories! Had an issue with certificates - I had reinstalled about 10 times to get here so per the post linked above I waited till the next morning. date: Wed Mar 22 16:28:42 date: Thu Mar 23 08:49:34 from the other post checked on the upgrade package by running pkg-static clean -ay ; pkg-static install -fy pkg pfSense-repo pfSense-upgrade The following package files will be deleted: /var/cache/pkg/pkg-1.19.1_1~9a3b6eb7d0.pkg /var/cache/pkg/pkg-1.19.1_1.pkg /var/cache/pkg/pfSense-repo-2.7.0.a.20230322.0600.pkg /var/cache/pkg/pfSense-repo-2.7.0.a.20230322.0600~8e745598b0.pkg The cleanup will free 9 MiB Deleting files: 100% All done Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. The following 3 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-repo: 2.7.0.a.20230322.0600 -> 23.01 [pfSense] pfSense-upgrade: 1.0_29 -> 1.0_58 [pfSense] Installed packages to be DOWNGRADED: pkg: 1.19.1_1 -> 1.18.4_4 [pfSense] Number of packages to be upgraded: 2 Number of packages to be downgraded: 1 The process will require 1 MiB more space. 9 MiB to be downloaded. [1/3] Fetching pfSense-repo-23.01.pkg: 100% 6 KiB 6.0kB/s 00:01 [2/3] Fetching pkg-1.18.4_4.pkg: 100% 9 MiB 4.8MB/s 00:02 [3/3] Fetching pfSense-upgrade-1.0_58.pkg: 100% 22 KiB 22.3kB/s 00:01 Checking integrity... done (0 conflicting) [1/3] Upgrading pfSense-repo from 2.7.0.a.20230322.0600 to 23.01... [1/3] Extracting pfSense-repo-23.01: 100% [2/3] Downgrading pkg from 1.19.1_1 to 1.18.4_4... [2/3] Extracting pkg-1.18.4_4: 100% [3/3] Upgrading pfSense-upgrade from 1.0_29 to 1.0_58... [3/3] Extracting pfSense-upgrade-1.0_58: 100% You may need to manually remove /usr/local/etc/pkg.conf if it is no longer needed. rebooted Logged in to IU and made sure the System update was set to "pfSense Plus Upgrade" channel from ssh checked the upgrade pfSense-upgrade -c >>> Updating repositories metadata... done. 23.01 version of pfSense is available pfSense-upgrade >>> Updating repositories metadata... Updating pfSense-core repository catalogue... Fetching meta.conf: . done Fetching packagesite.pkg: . done Processing entries: .. done pfSense-core repository update completed. 15 packages processed. Updating pfSense repository catalogue... Fetching meta.conf: . done Fetching packagesite.pkg: .......... done Processing entries: .......... done pfSense repository update completed. 537 packages processed. All repositories are up to date. >>> Setting vital flag on pkg... done. The following 170 package(s) will be affected (of 0 checked): <SNIP> Installed packages to be UPGRADED: pfSense-kernel-pfSense: 2.7.0.a.20230214.0600 -> 23.01 [pfSense-core] Number of packages to be upgraded: 1 The operation will free 2 MiB. [1/1] Upgrading pfSense-kernel-pfSense from 2.7.0.a.20230214.0600 to 23.01... [1/1] Extracting pfSense-kernel-pfSense-23.01: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old >>> Removing unnecessary packages... done. >>> Activating boot environment default... done. System is going to be upgraded. Rebooting in 10 seconds. Then after reboot installed the packages again from the UI and the config was there for each package installed Create full backup without packages Create a full backup with packages Store backups some where safe

@steveits Thank you very much, Steve! That solved my issue.

@rcoleman-netgate Hi My work mail domain unlp.sk is not accepted, when create TAC Please enter a valid email address. Cant fix this problem ? Thanks

@deemery Usually they send it in 15 minutes or so, regardless of time of day that I've tried. I cannot remember if I got an immediate ticket creation email first, or not. I would submit again, check your spam filter, etc.

@gertjan Thanks gertjan. It seems we are at the same understanding. DNS was never the problem, it was authentication in some way shape or form. That is why I had asked for some discrete way to determine what creds I was sending and/or how to determine my registration status. I still don't know where the creds are and why it all works now. Still, as stated, I had installed both versions from the console and virgin installs had the same authentication problem. Clearly it wasn't something I did as I had done nothing. The one change that made it all work was to change ISP. We can conclude that is the difference that worked, but we have no way to determine if it works because CL isn't manipulating something or TM is manipulating something. Like I said, I don't understand everything I know. At this point I'm moving to a more important problem. There is urgency only because my ISP account is a trial period with a company known for breaches. My LAN segments are all routed to my ProtonVPN and traceroute from the LAN shows that I go to my virtual address, then my Proton, then the open Internet. HOWEVER, a traceroute from the console command shell goes out the WAN directly to the ISP. I have to allow the ISP to send me DHCP (write) but I see no reason to allow other writes and any reads at all. I'll be in the documentation for the foreseeable future. PS. I am aware that TM breaches are customer account PII data and I've ensured that if they leak what they have I won't be concerned. However, any company run this way is suspect as to what they may try, or inadvertently allow, over my WAN connection.

@mohkhalifa https://forum.netgate.com/topic/169842/2-5-2-to-2-6-0-upgrade-fails-with-pkg-child-process-pid-n-terminated-abnormally-segmentation-fault/15