Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can not check my email, outlook.live.com Cert Error

    Scheduled Pinned Locked Moved pfBlockerNG
    17 Posts 4 Posters 1.6k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      shahzy_ @RonpfS
      last edited by

      @RonpfS
      I did put your suggested url in custom whitelist but problem persists. DNSBL Log error;
      DNSBL Reject HTTPS,Apr 16 14:20:31,outlook.live.com
      DNSBL Reject HTTPS,Apr 16 14:20:31,outlook.live.com

      Browser shows certificate error, CN_DNSBL.

      Any other idea?

      J 1 Reply Last reply Reply Quote 0
      • RonpfSR Offline
        RonpfS
        last edited by

        Why don't you use the Alerts tab to do your whitelisting ?

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        S 1 Reply Last reply Reply Quote 0
        • S Offline
          shahzy_ @RonpfS
          last edited by

          @RonpfS
          I don't see these log entries in Alert tab. I can see them only in DNSBL Log.

          RonpfSR 1 Reply Last reply Reply Quote 0
          • J Offline
            jdeloach @shahzy_
            last edited by jdeloach

            @shahzy_ said in Can not check my email, outlook.live.com Cert Error:

            @RonpfS
            I did put your suggested url in custom whitelist but problem persists. DNSBL Log error;
            DNSBL Reject HTTPS,Apr 16 14:20:31,outlook.live.com
            DNSBL Reject HTTPS,Apr 16 14:20:31,outlook.live.com

            Browser shows certificate error, CN_DNSBL.

            Any other idea?

            I would suggest giving this article a read as it explains alot about how to configure DNSBL in pfBlockerNG: https://linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/

            1 Reply Last reply Reply Quote 0
            • RonpfSR Offline
              RonpfS @shahzy_
              last edited by

              @shahzy_ Did you inspect pfblockerng.log, do you see any outlook.live.com in there ?
              Did you run a Force Reload DNSBL ?

              2.4.5-RELEASE-p1 (amd64)
              Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
              Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

              S 1 Reply Last reply Reply Quote 0
              • S Offline
                shahzy_ @RonpfS
                last edited by

                @RonpfS
                This is how it is fixed;

                1. I added outlook.live.com in custom white list
                2. I did a force update.
                3. I restarted dnsbl service.

                The pain go away. I can open outlook and check my email.

                out of curiosity, I tried to reproduce this problem by;

                1. I removed outlook.live.com from custom white list.
                2. I did a force update
                3. I restarted dnsbl service.

                I did not get my original issue. I can open outlook.

                I don't know what exactly is going on but your help, helped me to fix this. Thanks.

                NollipfSenseN 1 Reply Last reply Reply Quote 0
                • NollipfSenseN Offline
                  NollipfSense @shahzy_
                  last edited by

                  @shahzy_ That's because you had added to the whitelist.

                  pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                  pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                  S 1 Reply Last reply Reply Quote 0
                  • S Offline
                    shahzy_ @NollipfSense
                    last edited by

                    @NollipfSense
                    Though my issue is fixed but curiosity never stops;

                    pfblockerng log file after adding outlook.live.com

                    [ uBlockFiltersPlus ] Reload [ 04/16/20 14:34:07 ] . completed ..

                    Whitelist: outlook.live.com
                    I have removed package stat's for simplicity.

                    pfblockerng log file after removing outlook.live.com

                    Whitelist: localhost.localdomain

                    After removing outlook.live.com and force update, my localhost.localdomain get's white listed in this list. This could be reason of not reproducing the issue.

                    Is it ok to see localhost.localdomain white listed?
                    Hope i am not a trouble :)

                    S 1 Reply Last reply Reply Quote 0
                    • S Offline
                      shahzy_ @shahzy_
                      last edited by

                      @shahzy_
                      I found the reason why i was not able to reproduce the issue.

                      You don't need to restart pfsense for unblocking site.

                      You need to restart pfsense if you want to remove sites from custom white list.

                      This concludes my fix and testing. Thanks everyone for your help.

                      1 Reply Last reply Reply Quote 0
                      • RonpfSR Offline
                        RonpfS
                        last edited by RonpfS

                        @shahzy_ said in Can not check my email, outlook.live.com Cert Error:

                        You need to restart pfsense if you want to remove sites from custom white list.

                        What !?!

                        Did you read the Note: These entries are only Whitelisted when Feeds are downloaded or on a 'Force Reload'.

                        Force Update is not the same as Force Reload DNSBL

                        2.4.5-RELEASE-p1 (amd64)
                        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                        S 1 Reply Last reply Reply Quote 0
                        • S Offline
                          shahzy_ @RonpfS
                          last edited by

                          @RonpfS
                          I just did a test. You need to "Force Reload" and "Force Reload DNSBL" in case If you remove an entity from custom white list. The entity behavior will change to blocking. You don't need to restart pfsense.

                          Thanks for clarification.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.