CA Certificate renewal went wrong
-
Good day all,
Long time user, first time poster. I recently had to renew my certificate, something i haven't done previously. i went into the certificate and chose reissue/renew. After a brief pause and the firewall reset, i was back in action. Found out after that when i try to re authenticate with pfSense i now get an error message.
NET::ERR_CERT_INVALID
I have cleared my cookies and cache but nothing.
I can still access pfSense through Firefox, but not through Safari or Chrome. Clearly i did something wrong. I did google the error but not sure where to start on fixing on this.
Any assistance or a point the right direction would be appreciated.
Thanks,
-
If it's the webgui cert you can create a new one from the command line using the php shell:
pfSsh.php playback generateguicert
Steve
-
@gho57rid3r Have run into this also and I've seen it before here. It is the "the website sent scrambled credentials that Google Chrome cannot process" message I assume?
You can bypass the warning while, on the error page, type “badidea” or “thisisunsafe” directly in chrome on the same page (just type into nothing).
Here's a Google forum thread from a couple years ago.
-
hmmm.. i tried that and i got back
Line 1 appears to have generated an error, and has been highlighted. The full response is below.
Note that the line number in the full PHP response will be 6 lines too large. Nested code and eval() errors may incorrectly point to "line 1".1: pfSsh.php playback generateguicert
Thanks.
-
@gho57rid3r Did you run it as a shell command (command line)? That looks like it was run under PHP.
FWIW we had tried regenerating the cert/CA cert a few times and just used the above to bypass the Chrome warning since as I recall it was not every PC in our office. And it is a self signed cert so would have the browser warning anyway.
-
Yup, sorry if you use the actual php shell directly you just need to run:
playback generateguicert
If you're at the command line you can invoke the shell with the full command:
[22.01-BETA][root@pfSense.home.arpa]/root: pfSsh.php playback generateguicert Generating a new self-signed SSL/TLS certificate for the GUI...Done. Restarting webConfigurator...Done.
Steve