websites no showing SEC_ERROR_EXPIRED_CERTIFICATE via pfsense only
-
I have both suricata and pfblockerng installed. previously without problems.
As of today, I am finding that when I try to goto websites, i am getting
SEC_ERROR_EXPIRED_CERTIFICATEIf i setup a vpn from my client and then access the sites, it is fine.
e.g. over the lan
Websites prove their identity via certificates, which are valid for a set time period. The certificate for www.website.de expired on 15/08/2023.with a vpn connection for the same site.
Not After
Sat, 24 Aug 2024 11:26:11 GMTIt is almost like the connection is cached and doesn't update from a new request
any ideas where to look?
-
@gwaitsi now even sites like google are showing
Websites prove their identity via certificates.
Firefox does not trust translate.google.com because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates. -
@gwaitsi said in websites no showing SEC_ERROR_EXPIRED_CERTIFICATE via pfsense only:
Not After
Sat, 24 Aug 2024 11:26:11 GMTCheck to see who the issuer is for that certificate. Also do a nslookup (or similar) to see what IP address comes back.
It wasn't clear to me at first that pfBlockerNG is sending some requests via DNS to a local address which uses a local certificate. In my case, the SSL cert wasn't expired, but it was still a mismatch.
-
@BassStation70 strange, ended up having to reboot the pfsense and then it was fine