Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG DNSBL Self-Signed Certificate - how replace?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 888 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      szsemla
      last edited by

      Hello.
      I have a problem with pfBlockerNG. When the website is blocked, the browser does not show me the page generated by pfBlockerNG, only information that there is a problem with the certificate. How can I download "pfBlockerNG DNSBL Self-Signed Certificate" to import it to trusted? Alternatively, how to replace this certificate?

      keyserK 1 Reply Last reply Reply Quote 0
      • keyserK Offline
        keyser Rebel Alliance @szsemla
        last edited by

        @szsemla Changing the certificate or downloading it to trust on your clients does not remove the certificate warning which causes you browser to issue that warning.

        The DNSBL service blocks clients by DNS responses with the IP of the DNSBL Block site service.
        So regardless of which certificate is on there, the browser will issue a warning as the Common/SAN name of the certificate will never be the sitename the client actually was attempting to reach.

        Love the no fuss of using the official appliances :-)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.