WebConfigurator hands out expired certificate, but in Cert. Manager it seems up-to-date
this morning my browser (Chrome) rejected connecting to pfsense's web interface because of an expired certificate. Tried with Firefox, same result. The certificate has expired on 8 May 2021 according to the browsers.
However, when I log in to pfsense ignorning the certificate error, in the Certificate Manager the certificate seems to be valid and has an expiry date of 8 July 2021.
Any ideas why web configurator is handing out the expired certificate when actually there is a valid one (that is assigned to web configurator). My searches didn't bring up any similar cases.
The selected certificate here System > Advanced > Admin Access IS the certificate that expires 8 July 2021 ?
Try also console (or SSH) option 11.
@gertjan thank you very much. A restart of the web configurator via console option 11 solved the problem immediately. The correct certificate is now showing up.
Where did your certificate come from ?
it's a Letsencrypt certificate requested via the ACME package. Worked well so far.
In that case :
is set ?
What does the acme log file says ?
It's here : /tmp/acme/[acme-account-name]/acme_issuecert.log
Ctrl-F this text : "Run reload cmd:" Found it ?
Look at the file uses by the reloadcmd.sh file :
It should be here : /tmp/acme/[acme-account-name]/a reloadcmd.sh
Take note : as the account name is used a a file name / path to a file name, it can not contain every possible character.
@gertjan the shell command in the action wasn't set. Don't know how I could miss it. Maybe followed wrong tutorial. Command is set now. Thanks very much for your help!
Maybe followed wrong tutorial
There is only one ......
and the guy who wrote the package is explaining it.
What do you want more ?