Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cert issue for accessing local web pages

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 695 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      cjnazz
      last edited by cjnazz

      I'm running an Apache server on my LAN which is exported via port 443 thru the firewall and has a valid LetsEncrypt cert. DDNS is set up and if the pages are accessed from the WAN-side (i.e., shut off WIFI on my phone) then I can access them just fine. If accessed locally (via the LAN) I get this from the browser:

      Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for xxxxxxxx.duckdns.org. The certificate is only valid for pfSense-610f2e56e00c5.
 
Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

Organization
Netgate pfSense Plus webConfigurator Self-Signed Certificate

      How do I resolve this? All I've seen is somewhat related posts that require installing certs on every locally used web browser!

      M 1 Reply Last reply Reply Quote 0
      • M Online
        mcury Rebel Alliance @cjnazz
        last edited by

        Split DNS..

        Create an entry in DNS Resolver (in case you are using unbound) for the local address to be reachable by that name.

        So, from the Internet, your WAN will be resolved.
        From inside, the local address will be resolved.

        dead on arrival, nowhere to be found.

        C 1 Reply Last reply Reply Quote 0
        • C Offline
          cjnazz @mcury
          last edited by

          @mcury Excellent. Added to Host Overrides. I'm somewhat surprised that this resolves a certificate trust issue. Hum...

          Thank you.

          M stephenw10S 2 Replies Last reply Reply Quote 0
          • M Online
            mcury Rebel Alliance @cjnazz
            last edited by

            Good to hear that it's working now

            dead on arrival, nowhere to be found.

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator @cjnazz
              last edited by

              @cjnazz said in Cert issue for accessing local web pages:

              I'm somewhat surprised that this resolves a certificate trust issue. Hum...

              It resolves it because without that you are just hitting the pfSense webgui which is obviously not valid for the site you are trying to reach.

              https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html

              Steve

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.