Cert issue for accessing local web pages
-
I'm running an Apache server on my LAN which is exported via port 443 thru the firewall and has a valid LetsEncrypt cert. DDNS is set up and if the pages are accessed from the WAN-side (i.e., shut off WIFI on my phone) then I can access them just fine. If accessed locally (via the LAN) I get this from the browser:
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for xxxxxxxx.duckdns.org. The certificate is only valid for pfSense-610f2e56e00c5. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT Organization Netgate pfSense Plus webConfigurator Self-Signed Certificate
How do I resolve this? All I've seen is somewhat related posts that require installing certs on every locally used web browser!
-
Split DNS..
Create an entry in DNS Resolver (in case you are using unbound) for the local address to be reachable by that name.
So, from the Internet, your WAN will be resolved.
From inside, the local address will be resolved. -
@mcury Excellent. Added to Host Overrides. I'm somewhat surprised that this resolves a certificate trust issue. Hum...
Thank you.
-
Good to hear that it's working now
-
@cjnazz said in Cert issue for accessing local web pages:
I'm somewhat surprised that this resolves a certificate trust issue. Hum...
It resolves it because without that you are just hitting the pfSense webgui which is obviously not valid for the site you are trying to reach.
https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html
Steve