@soheil-amiri by increasing retry option on my client application, problem solved.

@jsiegfried I don’t see any notification from HA Proxy about that CVE. They haven’t addressed it or spoken about it at least on their blog. The CVE score is pretty low compared to the other one tho. https://www.cvedetails.com/cve/CVE-2023-0056/

@karimhaydar31 said in connection is not private when using Chrome: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN The certificate is valid, but not co-signed by one of the major players, like Verisign etc. see here for a list. The thing is, your browser only accepts (and stays silent) certificates if they were co or toot signed by one of the authorities that are on 'the list' (in your device). You could actually empty this list, and your browser would not even trust https://www.micirostf.com any more. So, the easiest thing to do, is : export the certificate that is being used by the Webconfigurator, and import it into you browser / OS. Now, your browser / OS it trust it, and no more errors. That's all it takes ! You could also get your hands on a certificate that is trusted out of the box. A trusted certificate is free. Example : if these are your general settings : [image: 1681197872695-5f251b0a-5c89-4ab6-aec6-556829c21c72-image.png] and you actually own, or rent the some-domain.tld domain name, you could obtain certificate for *.some-domain.tld for free. The pfSense package "acme" is all about that functionality. Again : the certificate will be free, the domain name will cost some money.

@michmoor I think clam AV has it as a false positive.

@michmoor This was solved on my end. Was an issue with the backend server domain-name vs. hostname configured.

@jonathan-young you need a redirection rule - http-request redirect along with a conditional i think would help. http-request redirect location def-test.example.com code 302 if { hdr(host) -i abc-test.example.com

Try setting a file extension in the field there even if you're not using that.

@t3st That I don't know. Transparent proxy is a major pain in the ass. I prefer explicit mode.

@steve-williams said in ICAP protocol error: Not sure if this is in the right section but since updating to 2.6 I am now getting random ICAP protocol errors and Clam service stops working. The random website working can be one works and one won't a few hours later they might flip. After a quick Google Pfsense was the top result with a glitch with Squid just wondering if anyone else has been getting issues I am also encounter the same isssue. Even when I access my website cubes 2048, it announces that it can't be reached. I wonder whether this issue can be solved.

@hugoeyng I know in Java It would be something like this photo. Again it needs the C programming version of it so you can read the specific error. This photo I have a array that is out of bounds when it prints that element, notice the error is caught. You can do more than print the error you can redirect it to other code also, so if something was missing in that config it could flag it if needed would need more code. [image: 1679690802800-screenshot-2023-03-24-at-1.45.11-pm.png] [image: 1679690969353-screenshot-2023-03-24-at-1.49.18-pm-resized.png]

@viragomann so what utility does he use for this?

@ryan0413 Did you try re-installing the package?

That would likely need to be a feature request.

@bavcon22 There is no access from the internet to your router possible if it's behind CG-NAT. So no idea how HAproxy should help here.

@nopanic Hello all I have to come back cause the traffic goes only from LAN to OPT. From WAN site I dont get a connection. Courious: When I do tcp tranparent entries and wnat back to nat-forwarding I have to reboot the machine, so forwarding work again. I have to delete the entries and reboot. Disabling is not enough. Can someone help? Tia Stefan