Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Windows 11 doesn't like SSl Certs

    Scheduled Pinned Locked Moved
    webGUI
    6
    6
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jarhead
      last edited by

      Anyone else having problems with existing ssl certificates with Win 11 in the past week?
      All of my pfSense boxes, and even some NAS boxes I have no longer have valid certs.
      This happened in the past week so I'm guessing it's related to a windows update.
      I even tried creating a new self signed cert in pfSense and it doesn't like it either.

      johnpozJ S 2 Replies Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        No problems here. What is the specific error it's throwing? Is your system clock accurate (especially the date)?

        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @Jarhead
          last edited by

          @jarhead said in Windows 11 doesn't like SSl Certs:

          no longer have valid certs.

          And why does it say they are not valid? Should throw a reason, date not valid, CA not trusted, etc.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.03 | Lab VMs 2.7.2, 24.03

          1 Reply Last reply Reply Quote 0
          • bingo600B
            bingo600
            last edited by

            Hopefully they're not making an "Apple" on the Cert lifetime.

            /Bingo

            If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

            pfSense+ 23.05.1 (ZFS)

            QOTOM-Q355G4 Quad Lan.
            CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
            LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

            1 Reply Last reply Reply Quote 0
            • S
              SteveITS Rebel Alliance @Jarhead
              last edited by

              @jarhead What browser, and what is the error? Did you try another browser? If Chrome, one of our staff ran into an issue several months ago on our pfSense routers where it was flagging the connection/cert with a specific error. Other PCs and/or other browsers didn't see it. I vaguely recall it was inconsistent? He's on vacation for the next 10 days though.

              We eventually found there is a secret word to type into the web page (I kid you not) that allows the connection. Ah I think I found it:

              https://support.google.com/chrome/thread/10551759/net-err-cert-invalid-website-sent-scrambled-credentials-self-signed-certificate?hl=en&msgid=31644104
              "A quick way to bypass this message ā€” open Advanced and see if you have a ā€œproceed to websiteā€ option.

              IF NOT, you can try typing ā€œbadideaā€ or ā€œthisisunsafeā€ directly in chrome on the same page. Donā€™t do this unless the site is one you trust or develop. The text ā€œbadideaā€ and ā€œthisisunsafeā€ says a lot!"

              I don't remember if that was the error (NET::ERR_CERT_INVALID website sent scrambled credentials) but that was the "solution." Reissuing the self-signed cert, etc. didn't help.

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote šŸ‘ helpful posts!

              1 Reply Last reply Reply Quote 0
              • J
                Jarhead
                last edited by

                All the errors were the same, not trusted.
                I ended up deleting all the certs and reinstalling all of them by downloading from each pfSense box and now they're fine again.
                Not sure what happened but happy it's fixed!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post