WebGui broken after changing to https
-
I just installed pfsense embedded fresh from scratch. After configuring everything, I changed WebGui access from http to https. After that no chance accessing pfsense. I did the same procedure twice (again from scratch, inclusive flashing the cf card). Again after changing from http to https no access to the Webgui. I could access via SSH.
Just to say, I have my own server certificate und RSA key which I set during the installation. They work(ed) with m0n0wall and pfsense 1.2RC2.
-
Nothing has changed between rc2 that is remotely close to having anything to do with this particular thing. Does a reboot fix it?
-
No, a reboot didn't fix it.
I'm not shure when this problem first occured, possible on RC2. I switched then to m0n0wall. Yesterday I was thinking of trying pfSense again, with this result.
What I didn't try was switching to https without my own certificat or entering the certificat after switching to https.
-
https in general is working. I haven't used it with own certificate yet though but nearly all my installs run on https just fine. The only issue it has when using a slow machine like a wrap it will try to redirect too soon so you get a timeout but if you give it some more time you can manually access it via the https port. This only happens on really slow hardware though.
-
I have the ALIX board, so speed shouldn't be the problem. Now, I'm running m0n0wall with the same certificates.
At the moment I can't make a new test as everything (inlcuding phones) goes over this internet connection.
-
Now I can say for shure, WebGui gets unaccessable after installing the certificates. It doesen't matter if bevor or after setting the Webgui to https…
-
From a shell, run this:
/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
Report back the errors.
-
make sure you create a rule in your firewall that allow the 443 port, it is working with me perfectly in all 5 servers
-
@hadi57: Do you use own certificates? Problem started then for me…
Hadn't had time yet to check sullrichs test.
-
Tomorrow I'll get an other ALIX board. Then I can make the test with a non productive firewall. I'll report back then.
-
Were you using captive portal on the machine? If so you your captive portal lock file may not have been deleted. This happened to me and recorded the resolution at: http://forum.pfsense.org/index.php/topic,8152.0.html.
-
I did now your test, seems that it was my fault - something wrong with my secur key:
/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
firewall:~# /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
2008-03-28 16:25:26: (network.c.377) SSL: Private key does not match the certificate public key, reason: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned /var/etc/cert.pem
firewall:~#I generatet a new set key and certificate, now https workes with my certificate.