Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense 2.3 squid proxy https filter certificate error Workaround

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      deepak727
      last edited by

      Hello members,

      My this post is regarding the certificate validation error in pfsense squid proxy for https filtering.

      Like most of the guys struggling for the solution, even I was one of them, but luckily I got the workaround.

      The problem is with the certificate import in the computer. There are lot's of posts who shows that you should just import the certificate in user account but that didn't worked for me, what worked for me is opening MMC from run and add the snap-in for certificate for computer account, and import the certificate in Trusted Root Certification Authorities. and you are done, this works like a charm for me.

      I believe this can be done directly from double clicking the certificate and import in computer account rather than user. (Some times reboot is required.)

      Please do let know if this works for you also.

      P.S. When I was working on it and didn't find the solution, I voted Pfsense 2.3 squid https filter not working and now I want to remove that vote please admin do let me know from where I can do that.

      Regards.

      1 Reply Last reply Reply Quote 0
      • T
        techguy01
        last edited by

        What browsers/versions are you using cause i can't get it to work. I still get the certificate error even though i imported the certificated in the Trusted Root Certification Authorities.

        1 Reply Last reply Reply Quote 0
        • W
          W4RH34D
          last edited by

          Yeah safari/firefox was a no-go for me.

          It's one of the last few hurdles for me.

          It's pretty important in my book as 443 is where most emails/attachments come in that need to be scanned.

          Did you really check your cables?

          1 Reply Last reply Reply Quote 0
          • D
            deepak727
            last edited by

            I have tested on Chrome Firefox and Internet Explorer. Not tested on safari.

            For firefox you have to put the certificate on firefox's certificate manager.

            And as you said you have put the certificate in Trusted Root Certification Authorities but where on Computer account or User's Account.

            For me it worked with computer account and install the certificate with administrative privilege.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.