Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    This site is not secure

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      haaser
      last edited by

      I am not sure what information to post to help with this but I am only getting these errors on a few SSL websites. I am using default settings for squid and have not changed much for the MITM. It is set for transparent proxy but that is working fine as far as I can tell. I have imported the certificate to each machine and installed it into "Trusted Root Certification Authorities". Any suggestions or if you need any more information just ask. I am not sure what to do next?

      This site is not secure

      This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.

      Recommended iconClose this tab

      More information  More information

      Your PC doesn’t trust this website’s security certificate.
      The website’s security certificate is not yet valid or has expired.
      The hostname in the website’s security certificate differs from the website you are trying to visit.
      Error Code: DLG_FLAGS_INVALID_CA
      DLG_FLAGS_SEC_CERT_DATE_INVALID
      DLG_FLAGS_SEC_CERT_CN_INVALID

      Not recommended iconGo on to the webpage (not recommended)

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Is it possible that this error is coming from the original certificate?  If you visit that same site outside of squid and check the cert, is everything valid?

        1 Reply Last reply Reply Quote 0
        • H
          haaser
          last edited by

          If I shut of the squid the website works fine. So I would assume that it is something on my end.

          Is this still an issue? https://redmine.pfsense.org/issues/7524
          Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            No idea.  I don't use transparent mode or SSL-intercept.  Just WPAD to get the URL for filtering and that's all.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.