WebConfigurator hands out expired certificate, but in Cert. Manager it seems up-to-date
this morning my browser (Chrome) rejected connecting to pfsense's web interface because of an expired certificate. Tried with Firefox, same result. The certificate has expired on 8 May 2021 according to the browsers.
However, when I log in to pfsense ignorning the certificate error, in the Certificate Manager the certificate seems to be valid and has an expiry date of 8 July 2021.
Any ideas why web configurator is handing out the expired certificate when actually there is a valid one (that is assigned to web configurator). My searches didn't bring up any similar cases.
The selected certificate here System > Advanced > Admin Access IS the certificate that expires 8 July 2021 ?
Try also console (or SSH) option 11.
@gertjan thank you very much. A restart of the web configurator via console option 11 solved the problem immediately. The correct certificate is now showing up.
Where did your certificate come from ?
it's a Letsencrypt certificate requested via the ACME package. Worked well so far.
In that case :
is set ?
What does the acme log file says ?
It's here : /tmp/acme/[acme-account-name]/acme_issuecert.log
Ctrl-F this text : "Run reload cmd:" Found it ?
Look at the file uses by the reloadcmd.sh file :
It should be here : /tmp/acme/[acme-account-name]/a reloadcmd.sh
Take note : as the account name is used a a file name / path to a file name, it can not contain every possible character.
@gertjan the shell command in the action wasn't set. Don't know how I could miss it. Maybe followed wrong tutorial. Command is set now. Thanks very much for your help!
@fbmm said in WebConfigurator hands out expired certificate, but in Cert. Manager it seems up-to-date:
Maybe followed wrong tutorial
There is only one ......
and the guy who wrote the package is explaining it.
What do you want more ?