@tomtheone said in pfblockerng ssl interception:
My goal would be to prevent the SSL warning
You can't. I can't. An the day some one manages to do so, we can all power down our pfSense and do other thing, as the final judgement day had arrived.
See here why you can't - the browser will always show an error.
True, browsers could show a more "friendlier" message.
And true, with a proxy solution, you could make all involved browser (all your local LAN devices) trust the cert of the DNSBL pfBlokcerNG web server. But that means you control every device involved and in that case you could simply tell every user involved : "If a site doesn't seem to show up, don't worry - you didn't want to look at it anyway".
Btw : all this isn't related to pfSense, as pfSense doesn't care about encryption protocols etc. https, or TLS. It's about how and why web servers and web browsers allow secured connections.
Install Youtube, ask for some "TLS" videos' and a couple of instances later you will become aware of how it all works.