Problems with pfsense.localdomain hostname
-
Ah, yeah, Chrome loves to do that.
-
@stephenw10 I need to just stop using chrome completely. All it does is cause me headaches.
-
It was doing you a favor, though. Go back to HTTPS :-)
-
@jimp yes did that already :) Although Chrome does not work at all with my self signed certificate. I added my SSL certificate and my intermediate root authority certificate in my keychain (MacOS) and it still refuses to connect over HTTPS. If I click on the security icon in Chrome to view the certificate, it says that it is trusted by the OS, even though Chrome says that it is "revoked". Firefox works great though.
-
Probably the default cert lifetime. The GUI certs on 2.4.4-p3 and earlier default to 2000 days, Macs only allow 825 now (and will lower that to 389 soon).
https://redmine.pfsense.org/issues/9825
-
@jimp this is a Chrome specific issue. MacOS says that the cert is trusted. Firefox also says that it is trusted. Also, I generated the Cert a couple of weeks ago, so this is definitely not reaching a cert lifetime issue.
-
It still can be. Look at the change made in https://redmine.pfsense.org/projects/pfsense/repository/revisions/71185882dc168e49347f0924f33a207aaf6e2db0/diff and make that edit yourself by hand (but use
389
, not825
, and then go to a shell prompt (ssh or console) and runpfSsh.php playback generateguicert
and see what happens. -
@jimp Ohh I see what you are saying. I'll give that a try. Thanks.
-
That worked thanks! It's annoying that Chrome's error was this:
NET::ERR_CERT_REVOKEDinstead of this:
NET::ERR_CERT_VALIDITY_TOO_LONG -
Exactly!!! BS error that doesn't say what the problem is!