Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Tags
    3. ssl
    Log in to post
    • All categories
    • G

      HaProxy Internal server error main site

      Cache/Proxy
      • haproxy reverse proxy pfsense+ domain ssl • • GameHoundsDev
      2
      0
      Votes
      2
      Posts
      564
      Views

      G

      @gamehoundsdev NVM im a idiot, I forgot to disable a 443 mapping on nat ..

    • A

      Using SSL offloading to access Services

      Cache/Proxy
      • ssl haproxy nas • • ahole4sure
      2
      0
      Votes
      2
      Posts
      756
      Views

      R

      @ahole4sure no, it is not required if you're using SSL Offloading option on Haproxy frontend. In this case it is better to use http for backend (or issue some internal ssl cert on pfsense for your synology)

    • P

      SquidGuard + SquidProxy SSL Errors

      Cache/Proxy
      • squidguard squidproxy ssl ssl error dns • • pablobhz
      1
      0
      Votes
      1
      Posts
      223
      Views

      No one has replied

    • Z

      SSL error on android when using pfsense

      General pfSense Questions
      • ssl error ssl • • zwiebelspaetzle
      6
      0
      Votes
      6
      Posts
      320
      Views

      S

      @zwiebelspaetzle Mobile could be IPv6, could be a different web server entirely as they have multiple IPv4s.

      https://www.ssllabs.com/ssltest/analyze.html?d=www.podtrac.com&s=44.239.236.149&hideResults=on&latest looks pretty good but does show "Chain issues Incorrect order, Contains anchor". If the client had an issue with that, I would expect it to be a problem regardless of connection...but again could be different web servers.

    • M

      [SOLVED] HAProxy error after upgrade to 2.4.5-RELEASE

      Cache/Proxy
      • haproxy ssl • • Matt2
      1
      0
      Votes
      1
      Posts
      513
      Views

      No one has replied

    • C

      Reverse Proxy using server certificates (NOT PFSense certs)

      Cache/Proxy
      • reverse proxy squid ssl man-in-the-midd • • coatmaker618
      2
      0
      Votes
      2
      Posts
      294
      Views

      C

      Solved in https://forum.netgate.com/topic/153028/haproxy-deleting-acl-on-modify-bug-or-am-i-missing-something/14

    • M

      Phishing alert: CA sertifikat/pfSense_ Generate a SSL Certificate for HTTPS on your pfSense -.mhtml. Please delete the infected file soon.

      Firewalling
      • pishing ssl sertificate • • Modesty
      3
      0
      Votes
      3
      Posts
      223
      Views

      M

      @johnpoz

      Thanks for reply.

      After you replyed, I investigated and I understand now that this warning has nothing to do with pfsense.

      The file is a saved web page:
      https://www.ceos3c.com/pfsense/pfsense-generate-ssl-certificate-https-pfsense/

      The scanner is on my ReadyNAS v 6.10.1, i dont know who is the "produser".

    • Z

      Squid MITM: How to retrieve decrypted data?

      Cache/Proxy
      • squid mitm man-in-the-midd tls ssl • • zll
      5
      0
      Votes
      5
      Posts
      763
      Views

      Z

      Thanks for the info. Astounding is what this is. :-)

    • J

      Certificate chain is incomplete, missing intermediate(s) (WebGUI)

      webGUI
      • ssl intermediates chain authority certificate • • jwaterman
      2
      0
      Votes
      2
      Posts
      640
      Views

      johnpozJ

      Where are you getting your cert from? Your going to have to give us more details if you want anyone to be able to figure out what your doing wrong.

      For what possible reason would you want to use a wildcard cert for the webgui? How many possible fqdn/IPs could you point to the web gui?

      The web gui should be accessed by limited number of users. Create as cert with your own ca, have the users that will access it trust your ca. Put in whatever SANs you want to access it by. Done - set the cert to be good for 10 years. Never have to deal with this issue again.