https to http chrome login bug



  • I've been getting security errors with pfSense due to a lack of setting up a proper SSL cert for the webGUI, so I switched the config to http. Upon switching this, the login page appears, but will not proceed past the login prompt, even when successful on Chrome. Clearing cache & cookies does not help. I found a year old reddit thread about this same issue, which remained unresolved beyond creating a new pfSense VM, which is not an ideal fix.

    I have restarted php-fpm & the webGUI, as well as chrome after clearing cache & cookies.

    Currently, I can log in with IE, and in incognito in Chrome, but not a normal tab.

    https://www.reddit.com/r/PFSENSE/comments/6r5xpq/switched_to_http_now_webconfigurator_wont_get/

    What can I provide to help diagnose the issue?



  • It's likely that HSTS was enabled on your pfSense system when HTTPS was enabled. HSTS is designed to force the browser to use HTTPS for a defined period of time that is part of the HSTS header.

    What you probably need to do is find how to clear the HSTS cache for your browser, and clear the entry for your pfSense box address and/or hostname.


  • Rebel Alliance Developer Netgate

    I switched the config to http

    There is your problem. Never do that. Keep it on HTTPS.

    Beyond that it's a browser issue local to your PC.


Log in to reply