NET::ERR_CERT_AUTHORITY_INVALID
-
In that case you will be able to make it work in less then 5 minutes !!
As said a thousands times already the last week or so, since the outcome of pfSense 2.4.5 :
Backup you settings.
Optional : If possible, backup your VM if you are using a bare-bone system, swap the drive. Tis permits you to go back.
Upgrade to - or even better - install a fresh pfSense 2.4.5.
Make WAN and LAN work.
Done !!If needed, import your backup up settings back in.
If it fails the,, redo the re install - and do not use your backed up settings any more.
Just set up the minimal needed things and you'll be fine.Remember, it's a router/firewall : it just takes 10 minutes or so.
-
Thank you
recently we have performed this but no use -
@yogeesh said in NET::ERR_CERT_AUTHORITY_INVALID:
recently we have performed this but no use
What do you mean ?
You installed pfSense 2.4.5 vanilla and no more facebook ?
(which I tend to see as a feature ...
) -
I don't know whether its vanilla or not
2.4.5-RELEASE (amd64)
built on Tue Mar 24 15:25:50 EDT 2020
FreeBSD 11.3-STABLEThe system is on the latest version.
Version information updated at Thu Apr 2 13:19:58 IST 2020 -
And facebook doesn't work ??????
Use another PC to test again.
-
yes it is not working
I have tried in all other PCs -
Applied these advices https://www.facebook.com/notes/protect-the-graph/upgrades-to-facebooks-link-security/2015650322008442/ ?
edit : and you're using Chrome so for example https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/
-
even if I use safari or any other browser i face the same error.
IMP: if I switch from the network connection(pfsense bypassed) immediately I am able to access all these websites.
So I feel this is an issue with pfsense -
@yogeesh said in NET::ERR_CERT_AUTHORITY_INVALID:
So I feel this is an issue with pfsense
I agree.
Do you agree with this : a detail : your pfSense and mine are the same. The only difference is : your settings and mine.
Do what do you think : "Install pfSense, and no more facebook.com for your network members". Do you think pfSense would last long ?So, what so different with your setup ?
-
So your running through proxy? Your running through VPN..
Out of the box pfsense would have zero to do with your connection..It just routes and nats it, all outbound connections are allowed. I take if you were trying to filter with e2guardian, your running proxy.. Disable that! Does it now work?
Running pfsense here, and zero issues with accessing facebook.
-
@Gertjan Don't know might be
How to verify the setting? -
You posted this :
@yogeesh said in NET::ERR_CERT_AUTHORITY_INVALID:
Re: Unofficial E2guardian package for pfSense
Do you know what E2guardian is ?
@johnpoz said in NET::ERR_CERT_AUTHORITY_INVALID:
Running pfsense here, and zero issues with accessing facebook.
Yeah. Lucky you.
And that's why I want to know why @yogeesh has issues with this.
( because I'm gonna sell this knowledge as a huge feature ) -
@Gertjan said in NET::ERR_CERT_AUTHORITY_INVALID:
E2guardian is ?
No I don't have any idea about E2guardian
-
Well why are you asking about it then???
You started this thread with
Re: Unofficial E2guardian package for pfSense
Look under your package manager - what do you show installed? If you have a proxy setup, disable it!
Your in the cache/proxy section - so you have proxy installed... If you have no idea how to run one or troubleshoot one.. Then you should disable it!
-
@johnpoz said in NET::ERR_CERT_AUTHORITY_INVALID:
your package manager
Nice catch !!
It could be, for example, a pfBlockerNG case, set up with the 'click on all the feeds cause it's free'. That would block facebook for sure, redirected to a pfBlockerNG notification web page, so the wrong cert is being returned and the browser start to yell about HSTS issues. -
Yeah that could be it... But his pic didn't include the address he was going to.. It could be redirection to the 10.10.10.10 address pfblocker uses by default.
Oh wait it does just show facebook.com - stupid chrome hiding actual urls!
Picture is so small can barely see anything anyway ;)
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
-
Show your package manger installed - this page.
Show all the packages you have installed.
-
@johnpoz said in NET::ERR_CERT_AUTHORITY_INVALID:
stupid chrome hiding actual urls!
That address bar is the best pishing detection tool possible, it will never lie to you, so Google decide to hide it .... Makes me wonder.
Anyway ....@johnpoz said in NET::ERR_CERT_AUTHORITY_INVALID:
Picture is so small can barely see anything anyway ;)
It's a generic picture we all see. Doesn't contain any useful information except for the error code and the four letter word HSTS. I guess @yogeesh will find out very soon that the only information we have are his words.
Quiet unreadable for use.I already suggested to use pfSense without any changes in the settings, which include of course packages (none should be used / installed).
The answer was :@yogeesh said in NET::ERR_CERT_AUTHORITY_INVALID:
I don't know whether its vanilla or not
I guess it's time to ask if there is actually a pilot on that plain
@yogeesh don't worry, the case will get resolved. It will take some time, though.
-
