Holy molly, is this firm evidence of a MITM being done on me?
I am aggregating the bandwidth from 2 ISP's using multiwan. Just tried to add a package and when I clicked on Packages I got a display that looked like the attachment.
Is this definitive evidence of a man in the middle attack being done on me (or your server)?
![mitm evidence on pfsense.jpg](/public/imported_attachments/1/mitm evidence on pfsense.jpg)
![mitm evidence on pfsense.jpg_thumb](/public/imported_attachments/1/mitm evidence on pfsense.jpg_thumb)
Not 100% certain. Possible, sure, but not certain.
What version of pfSense is that? It could be that it doesn't trust the CA/Cert used on our server for some reason, or your clock could be wrong, or who knows what.
what is the FQDN that is checked? Should be able to just use openssl to check the details of the cert, etc.