Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBNG DNSBL + HTTPS

    Scheduled Pinned Locked Moved
    pfBlockerNG
    2
    3
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      doktornotor Banned
      last edited by

      Recently, I'm seeing pretty much nothing logged any more when it comes to blocked HTTPS requests… Apparently, with newer browsers' versions, the lighttpd debug trick no longer works. So, here's a bunch of ideas:

      • the self-signed cert should definitely be SHA2, not SHA1
      • it'd probably help to let people select their own cert from those installed on pfSense
      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        The self-signed cert will never match the request Domain name anyways… Its only used to allow the browser to terminate the connection and lighttpd to try query the error.log for the https details if available...

        Not sure what else can be done with the existing methodology... The best would be to add the Unbound python feature support and collect the details that way without requiring Lighttpd at all..

        Which pfSense OS and Browser?

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          2.3.3 snapshots, browser being mostly Chrome. Why's unbound compiled without python, no idea.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post