Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Expired Certificates not visible in GUI

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 592 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aeleus
      last edited by

      I just upgraded to 2.5.0. The certificate expiration notification is great. Several expired and nearly-expired certificates were identified, and I've addressed those.

      The problem I'm having is that the notification also included 3 certificates that expired over 600 days ago that are not listed under System / Certificate Manager / Certificates.

      These appear to be self-signed certs used when pfSense was initially installed. They were long ago replaced with Let's Encrypt certs.

      How do I remove these old certificates so I don't keep getting notified?

      J A 2 Replies Last reply Reply Quote 1
      • J
        jdeloach @aeleus
        last edited by jdeloach

        @aeleus said in Expired Certificates not visible in GUI:

        I just upgraded to 2.5.0. The certificate expiration notification is great. Several expired and nearly-expired certificates were identified, and I've addressed those.

        The problem I'm having is that the notification also included 3 certificates that expired over 600 days ago that are not listed under System / Certificate Manager / Certificates.

        These appear to be self-signed certs used when pfSense was initially installed. They were long ago replaced with Let's Encrypt certs.

        How do I remove these old certificates so I don't keep getting notified?

        I saw the same thing, mine expired 78 days ago. I don't recall seeing any error message any where before.

        1 Reply Last reply Reply Quote 0
        • A
          aeleus @aeleus
          last edited by

          Update: looks like either the old, self-signed certs are being ignored or some process has removed them. I am no longer getting the notification.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Nothing would have removed or renewed them automatically. Check the CA and Certificate tab, entries on both tabs will be notified about on 21.02/2.5.0.

            If they were old/unused self-signed certs for the GUI then they can be safely removed.

            If they are for other purposes or still needed, then you can renew them using the renew option in the GUI or deal with them however you like.

            If you choose to renew a CA or self-signed certificate in the GUI you should apply the change from https://redmine.pfsense.org/issues/11514 first.

            You can install the System Patches package and then create an entry for 3987c45b3062bebdc925f248fb92dfcb645e7f7d to apply the fix.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • RicoR
              Rico LAYER 8 Rebel Alliance
              last edited by

              Can the System Patches now always be used for both 21.02 and 2.5.0 ?

              -Rico

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                There is a potential for some things to be different, and moreso as time goes on, but for the time being most of the PHP code is the same on both.

                It's worth trying, and if there is a need for a patch specific to Plus 21.02 we can generate one of those as well.

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.