Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WebConfigurator default certificate expired yesterday

    Scheduled Pinned Locked Moved webGUI
    24 Posts 8 Posters 20.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan @adamf663
      last edited by Gertjan

      @adamf663 said in WebConfigurator default certificate expired yesterday:

      generateguicert did nothing as I've said a couple of times.

      It generates and puts in place a new cert with valid date boundaries.
      Still, the new cert it signed by an authority that your browser doesn't trust.
      That can be circumvented by importing the cert details into the 'database' of your system or browser. A working GUI is of course needed to do so.
      Not the GUI, but the console access can stop https access to the GUI, if needed. Many forum posts explain what to do.

      I've just used t to generate a new cert, my Fifefox was still complaining of course, had to use the IPv4 of my pfSense, and got in after telling Firefox to allow an exception. So, the instructions work.
      I was using the console access.

      The fact that browsers become more more picky every day is known.
      Up to you to disable the https access to the GUI, or use really trusted certificates out of the box (brower's box).

      edit @johnpoz went down the same way, posted faster.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      A 1 Reply Last reply Reply Quote 0
      • A
        adamf663 @Gertjan
        last edited by

        @Gertjan My ca goes out 10 years. The problem was with the server cert and generateguicert did nothing and didn't write any information.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          pfSense shell: playback generateguicert

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 1
          • J
            jwaterman @Derelict
            last edited by

            @Derelict I know this is old... I just wanted to thank you for the steps. Got me back up and running quick when a certificate was accidentally revoked. Thank you!

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.