I'm an idiot



  • I wanted to create an SSL cert on my pfsense box so my browser would trust the webgui.  I created an internal CA, an certificate, turned on https for the webgui.  But now neither Chrome nor IE, or Edge will let me login.  I get this in Chrome:

    _10.1.1.254 normally uses encryption to protect your information. When Google Chrome tried to connect to 10.1.1.254 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be 10.1.1.254, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

    You cannot visit 10.1.1.254 right now because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later._

    Is there anything I can do short of rebuilding pfSense?



  • Go to the console interface.

    Select "Set interface(s) IP addresses".
    Select "LAN".
    Set the IP to the same address as you are using.
    When prompted, choose not to use HTTPS.

    You should be able to access the WebGUI after that.


  • Rebel Alliance Developer Netgate

    Or from a shell prompt, run:

    pfSsh.php playback generateguicert
    

    That will create a new self-signed certificate and activate it.


Log in to reply